small question regarding firewall configuration

Discussion in 'other firewalls' started by rOadToIS, Dec 28, 2008.

Thread Status:
Not open for further replies.
  1. rOadToIS

    rOadToIS Registered Member

    Joined:
    Dec 16, 2008
    Posts:
    168
    I'm using ZoneAlarm firewall and found an option called "lock hosts file."
    Should I use this option to prevent qhost infection, or should I just leave it unchecked?
    What about "Enable ARP Protection?"
    Please advise.
     
    Last edited: Dec 28, 2008
  2. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,731
    Location:
    localhost
    Hi!
    yes, lock host file will lock the 'hosts' not allowing modifications. Other software may need to hook on hosts file so double check is not causing conflicts....

    Not an expert on ARP but according to the manual "ARP protection will block all incoming ARP (Address Resolution Protocol) requests except broadcast requests for the address of the target computer. Also blocks all incoming ARP replies except those in response to outgoing ARP requests"

    If you are alone in the LAN its not needed... and if your LAN is populated by trusted PC also will be not needed.

    Cheers,
    Fax
     
  3. Escalader

    Escalader Registered Member

    Joined:
    Dec 12, 2005
    Posts:
    3,710
    Location:
    Land of the Mooses

    Hello:

    You have a response to your ZA questions.

    FWIW, I agree, lock host and block ARP as it matches my security policy of block by default and allow by exception. You may be alone on the LAN now but that has an odd way of rapidly changing.

    I don't know if you use a host management system but in my case I have the BISS Host manager and it renders the host file read only. So there may be doubling up for you on locking it if you did both a FW lock and a BISS type lock.

    Out of curiosity only, how do you use your Host file? For 127.0.0.1 loopbacks or do you also put addresses you want to resolve in the list thus saving DNS lookups?

    Take care!
     
Loading...
Thread Status:
Not open for further replies.