What version of ZOneAlarm fastest with XP SP2

[Thomas]

Oh yes. It will alert me when some of MS programs try to either send
some data (usually unneeded) or "act as a server" (for something I
don't need or use). I like to keep track of what is happening

Disable services you don´t need, and you´re done. Far more reliable.
Plus don´t install programs that phone home if you don´t want them to
phone home. Or disable the phone home function.

For malware and viruses yes, but I guess they will be caught be the
AV,

If they try to establish outbound connections, your AV has very
obviously _not_ caught them. And your system is toast.

but for "serious programs" it will.

A "serious program" will not try to establish outbound connections
without you knowing about this.

It can deny MS programs access,
I can deny Word access, I can stop "host services" from beeing servers

It can stop everything that allows Zone Alarm to stop it. I will not
stop anything that does not allow ZA to stop it.

Regards
Thomas

 

[Lars-Erik Østerud]

Disable services you don´t need, and you´re done. Far more reliable.
Plus don´t install programs that phone home if you don´t want them to
phone home. Or disable the phone home function.

Some MS programs don't behave. Why should the printer spooler have
Internet access (it ask for), why should it have "act as a server",
and most MS programs send thing even with "phone home" off.

So even if it is not fullproof the program check funtion of ZA does
make it possibel to stop lots of programs from sending/listening.

And for malware I have anti-virus anyway (though I don't really need
that I think as I have never gotten anything, it's just to be a bit
awake on what links and messages you click on and don't use Outlook)

If they try to establish outbound connections, your AV has very
obviously _not_ caught them. And your system is toast.

They are caught. I get a "xxxxxxx is asking for server permissions"
etc. Have you ever used ZA or similar. I catches them, asks if they
should be able to communicate, and if not you can block them. ZA is
hooked on a very low level of the communication system in Windows (if
you stop the firewall service, nothing gets out from the machine).

A "serious program" will not try to establish outbound connections
without you knowing about this.

Tell that to MS

It can stop everything that allows Zone Alarm to stop it. I will not
stop anything that does not allow ZA to stop it.

How does that get passed the "wsmon" service then? Does it have it
own network drivers all together then (since ZA has patched into the
system drivers). I know huge serious companies using ZoneLabs
firewalls on their PCs (with central administration). Are they stupid?

 

[Ulf Leichsenring]

compromised system after the fact. But what about those cases where a
PFW can limit the damage when infected? Doesn't that have _any_ merit at
all, especially for inexperienced users?

But most of the inexperienced users equipped with personal firewalls
behave like: "I don't have to be carefully while using the internet. I'm
totally secured by this <fill in your preferred pf-software name>."
And then they will click on every dubious link and email attachment. I'm
working in it-security for more than 10 years now and that's the reality
unfortunately.

 

[Lars-Erik Østerud]

But most of the inexperienced users equipped with personal firewalls
behave like: "I don't have to be carefully while using the internet. I'm
totally secured by this <fill in your preferred pf-software name>."

Their problems. IT techs need to have work too

And then they will click on every dubious link and email attachment. I'm
working in it-security for more than 10 years now and that's the reality

Even employees in IT companies does this (especially sales-people