Really, I'd totally understand if you just conveniently forgot to respond to this thread again. I'll figure it out somehow.
You don't get out of it that easily!
I'm no expert on this, I'm just saying what I think
I know. The detail I could be wrong about - it's up to yourself or others to correct me, but the basic ideas I'm fairly confident about.
LAN = Local Area Network, is the network you have in your house for example. It links your PCs with your router or with a print server. It could be wired, it could be wireless, its still the LAN.
If you have a communications link to another house or another city or another country then that is a WAN or Wide Area Network and things operate in a slightly different way. The Internet links LANs together over a WAN.
So in simple terms the LAN is your stuff and the WAN (or Internet) is the link to the rest-of-the-world.
The job of a firewall is to prevent unauthorised access to your PC by malicious people (or robots, or programs). Usually these malicious types are not in your home (I hope) they are in the 'rest-of-the-world' so the firewall has to distinguish between access from your home and access from elsewhere. It does this by defining two zones, Trusted and Internet. In the Trusted zone you put your home LAN (usually the firewall is smart enough to figure out that bit for itself) and everything else goes in the Internet zone. You can add or delete things from the two zones as required. For example if you had a friend down the street and you had some communications link between their PC and yours and wanted to share data you could add them to the trusted zone.
Re Server rights:
What kind of thing would they be sending, receiving, processing? WHY would they be doing that if it had nothing to do with what I was doing (like running their application, right?) In my ignorance of this, it sounds like they would be using my pc for their own purposes against my wishes; sounds kind of like a malware-type thing to me, even if it isn't.
I may not have explained this very well, since I don't understand it very well, but the sort of thing I'm talking about would be checking for updates, reporting quality of service statistics, or yes, just plain reporting back to base on how you use the application. Usually this is benign but unnecessary. For example do you really
want Acrobat Reader to be able to connect to the Adobe corporation via the internet, dump some statistics and check for updates and special offers every time you open a pdf document? I don't. An X in the Server/Internet column stops it from doing that. The Server/Trusted column is probably irrelevant because Acrobat is not going to be asking your router for update info, or if it does it won't get a sensible answer. But it's not malware activity (although some come very close!).
When you say that you'd give them all an X on Server rights, do you mean an X in 'Trusted' AND 'Internet'?
Yes, in a domestic LAN there's not going to be any application updates (for example) coming from one of your own computers. (But there could be if you were on a corporate LAN so the option is there.)
Re Access rights:
This is the ability to send and recieve data if required. For example Windows Explorer - this gives you a graphic view of the files and folders on your computer - it can also be used to give a view of the files and folders on other PCs on your LAN. That's useful, so give it a tick in the Trusted zone (under Access). Are you going to use Windows Explorer (not Internet Explorer) to view files and folders across the Internet? NO. I don't even know if that's possible. So give it an X under Access/Internet. Are you interested in getting updates, or sending usage statistics to Microsoft, about Windows Explorer (if such a thing were possible)? NO. So give it an X under Server/Trusted and Internet. (You'll get your updates via Windows Update anyway). What does all this achieve? Well it means if some virus or worm infected Windows Explorer it would not be able to use that path to propogate itself to the rest of the internet community.
Similarly with your other applications, ask yourself "What do they do?" and configure Zone Alarm accordingly. If you don't know - that's what the ? is for.
Geez I rabbit on.
I hope this verbose simplification has been of some help.
Edited by Rimmer, 07 November 2005 - 05:00 AM.