Zonealarm free firewall

thank you for the info.
It maybe have HIPS but not as good as other, (maybe)

 

Oki doki

 

I am at home so should i change the default ZA FW Zones from the installed Trusted Settings for my Home Network and DHCP Server to The Public setting.

 

Why would you set your LAN and DHCP to Internet (public)?
Your LAN start with 192.168....? In other words... do you have a router?

 

Should i lock my Hosts File in ZA FW Settings.

 

I have a router so i guess the public setting is for home Wireless which i don't use now.

 

Does the Hosts File have something to do with the DNS. I use OpenDNS so if i change my DNS i would have to unlock it.

 

Then, the default (trusted) is fine when you are at home (wireless or not).
If you want to prevent the access by anyone or anything to the hosts file then tick that option.
If opendns use hosts file to work then better not to lock it.

 

To modify general security settings:
Select COMPUTER | Advanced Firewall and click Advanced Settings.
In the General area, choose your security settings.
Block all fragments
Blocks all incomplete (fragmented) IP data packets. Hackers sometimes create fragmented packets to bypass or disrupt network devices that read packet headers.
Caution: If you select this option, ZoneAlarm security software will silently block all fragmented packets without alerting you or creating a log entry. Do not select this option unless you are aware of how your online connection handles fragmented packets.
Block trusted servers
Prevents all programs on your computer from acting as servers to the Trusted Zone. Note that this setting overrides permissions granted in the Programs panel.
Block Internet servers
Prevents all programs on your computer from acting as servers to the Public Zone. Note that this setting overrides permissions granted in the Programs panel.
Enable ARP protection
Blocks all incoming ARP (Address Resolution Protocol) requests except broadcast requests for the address of the target computer. Also blocks all incoming ARP replies except those in response to outgoing ARP requests.
Allow VPN Protocols
Allows the use of VPN protocols (ESP, AH, GRE, SKIP) even when High security is applied. With this option disabled, these protocols are allowed only at Medium security.
Allow uncommon protocols at high security
Allows the use of protocols other than ESP, AH, GRE, and SKIP, at High security.
Lock hosts file
Prevents your computer’s hosts file from being modified by hackers through sprayer or Trojan horses. Because some legitimate programs need to modify your hosts file in order to function, this option is turned off by default.
Disable Windows Firewall
Detects and disables Windows Firewall.
Filter IP over 1394 traffic
Filters FireWire traffic. You will need to restart your PC for these filter changes to take effect.

 

With ZA FW in dafault settings i was getting resolving hosts messages with Chrome and computer slowed down a lot. No more resolving messages and normal speed back after changing Public Zone to Medium Setting.

 

Is your LAN and DHCP set as trusted in the ZA firewall zones and your "trusted zone" set to MEDIUM?
EDIT: If the above is already true then ensure your DNSs IPs are included in the firewall zones as TRUSTED.

 

So i should add a Trusted Zone for both OpenDNS IP's

 

Yeap ... and set Internet zone back to default. Safer...
Even tough you still have the router facing the internet.

 

Personal Firewalls" are mostly snake-oil ..... http://samspade.org/d/firewalls.html

 

Nothing new under the sun...

However, the author seems to forget that there is basically no difference in a software firewall and a hardware firewall other than the latter running on a dedicated hardware and software firewall also able to monitor outbound connections.

So, bugs and crappy packet filtering can also happen on the mentioned routers brand which I, by chance, had the opportunity to use

 

I just updated to ZoneAlarm Free 12.0.121.000 from 11.0.768 and things did not go good. After restart i could not get to the internet and the background was close to frozen. Had to restart in safe mode and uninstall it then restart and install 768 again.

 

When jumping between major version releases (e.g. 11 to 12) you should first fully remove the old before installing the new.
Start fresh with clean setup. This will solve the problem unless you have specific third party applications in conflict with ZA12

 

So from time to time it gets new stuff ?
Usually stays unchanged for many years in spite of version evolution.

What is new in the new ?

 

No visible changes apart from updated core drivers, fixing of bugs and fix of undisclosed vulnerabilities.

http://sc1.checkpoint.com/sc1/za/release-history/zafree.html

 

I've finally checked it out, and I already said it a couple of months ago, but the GUI is totally ruined.

There is no fast way to see the rules in "program control", what a bunch of morons!

 

The GUI the same since version 10 and program control too... This means been the same for the last 3 or 4 years
And program rules are not in the free version... Only retail

Of course, to each it's own...

 

The free version totally sucks

 

Yeah, of course.. very useful and in-depth insight, LoL

 

FYI What I meant wasn't the protection but GUI and user-friendliness, and yes I insist, it sucks.

in 'application control' tab inside 'application control settings' window you can only see one option under 'Advanced control' section and that would be "Enable Microsoft Catalog utilization" !!

So simply I can say they literally don't know the meaning of "advanced"

 

Yeap, that's normal. ZAfree does not include any advanced firewall controls and for applications you cannot setup specific rules (e.g. opening ad-hoc ports) but only broader controls on inbound Y/N /outbound Y/N + server rights Y/N + suspicious behaviour (basic HIPS).

More advanced controls (specific rules for application or more granual controls) are only available in retails versions of the product.

On the GUI, well as the latins says "De gustibus non est disputandum". I know users that likes it very much this and other that hate it...

Of course, there are indeed plenty of free options aside ZA that do the job you are looking for. So, just use those...

For example, if you are obsessed by limiting/controlling at a very granular level the trusted applications running on the PC then ZA is not for you. If you instead just need a simple to use firewall that will warn you about "unknowns" or "unrecognised" components active in the system then, yes, it can do that.