protecting zone alarm pro

Discussion in 'ProcessGuard' started by gr49erluvr, Aug 7, 2004.

Thread Status:
Not open for further replies.
  1. gr49erluvr

    gr49erluvr Registered Member

    Joined:
    Jul 26, 2004
    Posts:
    13
    I thought I read somewhere that I do not need to add zone alarm pro to process guard to protect it , is this true? Or should I go ahead and add to the list?
    Thanks in advance :D
     
  2. dallen

    dallen Registered Member

    Joined:
    May 11, 2003
    Posts:
    824
    Location:
    United States
    I'm no expert, but my intuition tells me that you DO want to protect ZA Pro. I say this for a couple of reasons. First, it is a core layer of security and you don't want to leave it vulnerable to attack. Second, it is capable of accessing the Internet and I read somewhere that you want to protect anything that is capable of connecting to the Internet. Hope this helps.
     
  3. Dazed_and_Confused

    Dazed_and_Confused Registered Member

    Joined:
    Mar 4, 2004
    Posts:
    1,831
    Location:
    USA
    What Dallen suggests is not a bad idea. I asked a while back this same question on the ZA forum. I was told that ZA has built-in protection, and protects itself. I was told PG protection was not necessary, but wound not hurt. I use both ZA and PG, and have not added ZA to my protected programs list. :)
     
  4. gr49erluvr

    gr49erluvr Registered Member

    Joined:
    Jul 26, 2004
    Posts:
    13
    Thank you both for your quick replies. I'll sleep on it. :)
     
  5. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi gr49erluvr, ZA does a very good job at protecting itself so using Process Guard maybe overkill.
    As ZA's .exes are on the PG's checksum list any change to it's .exe's would be noticed by Process Guard which adds another layer of protection which cannot be bad. :)

    HTH Pilli
     
  6. gr49erluvr

    gr49erluvr Registered Member

    Joined:
    Jul 26, 2004
    Posts:
    13
    Thank you Pilli.
     
  7. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    Hi gr49erluvr,

    It is just my opinion, but I would add it.
    I think you only need to add vsmon.exe because that is the actual firewall service(process) that needs to be protected. zlclient.exe is just the user interface part of ZAP that sits in the system tray so it is not important (others could confirm this).
    I have vsmon.exe protected with the first 4 blocked flags and the first allow flag with no options.
    It works well for me with no problems.
    Here are my reasons to have it protected:

    1. You bought PG to protect critical security processes. Your firewall is your first and most important line of defense so to protect it is not overkill. If you bought it, you might as well use it.

    2. ZAP has password protection (you should still set a good password) but malware may still be able to terminate ZAP using similar methods to DCS APT program.

    3. From what I have read, malware doesn't even need to terminate the firewall. Even worse, it could inject itself into the firewall running in memory to bypass it. They could also possibly inject into other internet capable apps that you permited internet access through ZAP (like browsers, email clients) so those should be protected too.

    4. It's fun to setup an advanced layered security system. :ninja:
     
  8. Dazed_and_Confused

    Dazed_and_Confused Registered Member

    Joined:
    Mar 4, 2004
    Posts:
    1,831
    Location:
    USA
    Very good point, Devinco. :)
     
  9. gr49erluvr

    gr49erluvr Registered Member

    Joined:
    Jul 26, 2004
    Posts:
    13
    Yes that was a very good point and thank you very much for pointing that out to me. :D
     
  10. gr49erluvr

    gr49erluvr Registered Member

    Joined:
    Jul 26, 2004
    Posts:
    13
    Ok I added it and blocked the first 4 flags. With the first allow flag did you mean put a check mark or leave it blank?
    Thanks for your time.
     
  11. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    Here's the setting that I use.
     

    Attached Files:

  12. gr49erluvr

    gr49erluvr Registered Member

    Joined:
    Jul 26, 2004
    Posts:
    13
    Thats what I thought you ment . Thanks for your time, have a good one.
     
Thread Status:
Not open for further replies.