Windows 7 Firewall or Zone Alarm Free

Discussion in 'other firewalls' started by Aventador, Sep 12, 2012.

Thread Status:
Not open for further replies.
  1. Aventador

    Aventador Registered Member

    Joined:
    Sep 9, 2012
    Posts:
    420
    I was looking to add another layer of security to my pc. No this is NOT an A vs. B thread. I am merely asking for peoples advice. I do not want to hear anything about Comodo or OA. Too many annoying pop ups with either of those. With my current setup on Avast Free 7 with all shields on high do you think Windows 7 Firewall is good enough? Yes I am behind a NAT. I do a lot of online financial transactions. Thanks.
     
  2. JoeBlack40

    JoeBlack40 Registered Member

    Joined:
    Apr 1, 2009
    Posts:
    1,572
    Location:
    Romania
    I was looking for a FW to install it with Avast free.Comodo's cfp.exe uses 30-40% CPU with Avast installed,Privatefirewall installed with Avast lead to a strange behavior which is that Privatefirewall can't block some programs from access the internet,PcTools FW doesn't work with SBIE,so i decided to try ZoneAlarm Free.And it's a keeper for me,because it's running for a week now along with Avast free and SpyShelter free without a glitch.My laptop is fast and no slowdowns are noticed,boot time or browsing.For me ZA free is the ideal choice for a third party FW installed with Avast.Try it and see for yourself if it worth.I'd say say it definitely does.
    PS.Other people may say that it's OK Windows FW.Yes it is,but i always preferred to use third party FWs.My personal choice.
     
  3. Aventador

    Aventador Registered Member

    Joined:
    Sep 9, 2012
    Posts:
    420
    Thanks Joe.
     
  4. JoeBlack40

    JoeBlack40 Registered Member

    Joined:
    Apr 1, 2009
    Posts:
    1,572
    Location:
    Romania
    You're welcome.Let us know if you like it or not.:)
     
  5. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
    If you are using a single PC or have a simple home network set-up, the WIN 7 firewall on a WIN 7 x64 installation is all you need.

    As far as inbound protection, there is no better firewall than the WIN 7 firewall. I am talking firewall functionality here. Script blocking and the like is anti-malware territory.

    It is statefull; it has an block edge transversal option for inbound connections.

    It has Windows Service Hardening(WSH). No third party firewall has that. It only allows Internet access to services on OS demand with dynamic port management.

    As far as outbound protection which is by default set to allow all connections, it's a moot point unless you have commercial network to protect. In that case, you're probably using a server OS.

    Bottom line - firewalls are to keep the bad guys out of your system. If your system is doing non-legit outbound connections, your infected. You need a good malware cleaner in that case.

    I do recommend turning off WIN 7 teredo and IPv6 to IPv4 tunneling at the service level. All tunneling bypasses firewalls and I have never bought Microsoft's statement that its packet monitoring on the above tunnels is adequate.
     
  6. noobian

    noobian Registered Member

    Joined:
    Aug 15, 2012
    Posts:
    5
  7. Aventador

    Aventador Registered Member

    Joined:
    Sep 9, 2012
    Posts:
    420
    Lucky I had a clean image lying around. First time ever my laptop came to a crawl after installing ZAF. Shut down Windows Firewall first. Oh well I tried.
     
  8. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,731
    Location:
    localhost
    You actually need to have the OS firewall ON. ZA will take care of disabling it. If you disabled it before you can break ZA. Your internet connection should be also ON. Install with custom (if you want to remove the toolbar) and AUTO for application control.
     
  9. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
    I looked at that thread a while back and it made absolutely no sense to me. The WIN 7 firewall by default allows all outbound. As such, there should be zip conflict with the Avast web shield. I used Avast 6 with web shield on and the WIN 7 firewall and had no issues.

    If people turn on outbound protection on the WIN 7 firewall, then they will have to create a rule to allow outbound TCP traffic from Avast to port 80 since it is Avast's web shield that is performing the HTTP browser connection.
     
  10. Aventador

    Aventador Registered Member

    Joined:
    Sep 9, 2012
    Posts:
    420
    Been there done that. I always disable Windows Firewall prior to installing ANY 3rd party firewall. Did it with OA and Comodo. As far as being connected I always am. 24/7. Didn't care much for the 4 additional processes either.
     
    Last edited: Sep 14, 2012
  11. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,731
    Location:
    localhost
    Yes, thats why I had posted since with ZA you should do it differently to be able to install it correctly. ;)
     
  12. JoeBlack40

    JoeBlack40 Registered Member

    Joined:
    Apr 1, 2009
    Posts:
    1,572
    Location:
    Romania
    Sorry didn't worked for you.As we all know,sometimes PC's are like people,picky,unpredictable and full of surprises.;) What is working for me doesn't for you and vice-versa.
     
  13. Aventador

    Aventador Registered Member

    Joined:
    Sep 9, 2012
    Posts:
    420

    So very true. Every software effects each pc a different way. Now it would be different if everyone had the same pc with the same software.
     
  14. SnowFlakes

    SnowFlakes Registered Member

    Joined:
    Jun 29, 2011
    Posts:
    194
    I remember back in the days i had ZoneAlarm firewall and i had problem with the Internet-Connection so i called on the phone the guys that i ordered bandwith and they were PRO at everything, because everytime i had issue with my PC they joined my pc easily and they fixed it !!!

    BUT with Zonealarm they could not even come into my PC, so they asked me what have i done, which strong firewall do i use, i said Zonealarm, and they told me if you want us to help you please DISABLE Zonealarm and then we can help you.

    So with WindowsFirewall crappy firewall the hackers can easily join your pc, but with Zonealarm and settings Stealth then NOBODY can hack your pc, that's why i think you should chose Zonealarm !!
    It's a damn good & strong firewall against hackers !!!
     
  15. Aventador

    Aventador Registered Member

    Joined:
    Sep 9, 2012
    Posts:
    420
    Marcus thanks for the info. But you should never rely on a software firewall to stop inbound threats and hackers. Your first line of defense should always be a router with NAT. Nothing beats a good hardware firewall. A software firewall is mainly to protect and control outbound traffic.
     
  16. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
    As long as it is a stand alone one. The firewalls incorporated into routers have varying degrees of effectiveness. All of them can be rendered useless if the router is hacked. Stand alone hardware firewalls start at around $150 US. That is outside the price range of most home users.

    The software firewall's primary purpose is to prevent unauthorized inbound traffic. It is also a backup in a layered defense strategy to the router firewall for most retail users. Outbound protection's primary purpose is to prevent your network from unauthorized access.
     
  17. Aventador

    Aventador Registered Member

    Joined:
    Sep 9, 2012
    Posts:
    420
    I have yet to see or heard of a case where a routers firewall has been penetrated.
     
    Last edited: Sep 15, 2012
  18. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
  19. SnowFlakes

    SnowFlakes Registered Member

    Joined:
    Jun 29, 2011
    Posts:
    194
    Ok o_O
    I had the Router's firewall ON but it did not help them to join my PC, but when i enabled Zonealarm then they could NOT join my PC !!!
     
  20. RJK3

    RJK3 Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    855
    Agreed it's more ideal, but assume the person is using a mobile wifi dongle to access the internet - what then would you find is the best solution?

    Avast's network intrusion module plus a good firewall?
     
  21. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    tnx for the info itman.
    so it would seem a router is not as bulletproof as some people have suggested.

    personally, i have no intention of adding a router to my computer, especially after reading this.

    the only times i got infected (years ago), it was not because i did not have a router but because i was playing with software that was 'not entirely legal'. lol
     
  22. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
    I have a commercial grade router and it has been hacked multiple times. The first time was problably due to, as Heffner points out, I never bothered to change the default user ID of Admin and left the password word blank. So I added a weak password and I was hacked again. So this time I set a password so strong I forgot what it was and had to do a hard reset.:argh: So then I set a strong password and wrote that one down. It also appears to have done the trick also. The router hasn't been hacked again.:D

    You can spot these DNS rebinds if you monitor your router connections and start seeing inbound localhost 127.0.0.1 - 127.255.255.255 traffic from the router.
     
  23. RJK3

    RJK3 Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    855
    Of course it's not, but most threats will be automated scans of IP ranges looking for vulnerable PCs to use various pre-made tools - i.e. script kiddies.

    Most people don't have a competent hacker specifically targeting them.
     
  24. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
    Router hacking has been going on for a long time and it certainly is not being done by "script kiddies."

    http://voices.washingtonpost.com/securityfix/2008/06/malware_silently_alters_wirele_1.html

    http://securitywatch.pcmag.com/hacking/285146-the-router-hacking-challenge-is-over

    http://www.securitytube.net/groups?operation=view&groupId=1

    I find it most interesting the people can be obsessive over their software firewall protection and never consider the fact that if their router is hacked, all that effort is negated.
     
    Last edited: Sep 16, 2012
  25. Aventador

    Aventador Registered Member

    Joined:
    Sep 9, 2012
    Posts:
    420

    Lol..............That article does not say they were hacked. Its an article about being vulnerable. The article is also 2 years old. I have a 2Wire Gateway. They only way in is with the password that is stamped on the side. Not the wifi password but the settings password. Everyone has a different login password. No default. I have also changed my settings password and wifi password.
     
Loading...
Thread Status:
Not open for further replies.