Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Zone Alarm Alerts !


  • Please log in to reply
12 replies to this topic

#1 Dennis H

Dennis H

  • Members
  • 893 posts
  • OFFLINE
  •  
  • Local time:01:55 PM

Posted 14 May 2007 - 04:00 PM

Howdy,

I downloaded Zone Alarm to use as my new firewall this morning. I read thru the information provided about the abundance of security alerts (pop up screens) that I may receive until the program gets some what trained.

I think I may have misunderstood the tutorial they provided.

I am getting alerts in what seems to be every 2 seconds. :flowers:

May I have some advice as to how to tame (tweak) this program down ?

I would certainly want to maintain the maximum protection available using this program but at this point I feel the price to pay for that may be to high with the settings I am using.

In other words the pop up windows are driving me "nuts" :thumbsup:

Thanks for your time,

Dennis :trumpet:

Edited by Dennis H, 14 May 2007 - 04:07 PM.


BC AdBot (Login to Remove)

 


#2 tos226

tos226

    BleepIN--BleepOUT


  • Members
  • 1,568 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:LocalHost
  • Local time:02:55 PM

Posted 14 May 2007 - 08:47 PM

What ZA, free or ZAPro or ZASuite?
Which version?
Which computer system are you using?
Is your network in the trusted zone?
Is your gateway in the trusted zone?
Is DHCp in the trusted zone?
Are standard programs in the program list configured to allow Internet access but no more?
Is Generic Host process (svchost) permitted to be a server?
Have you initially permitted ZA to configure program permissions?
Have you read the Help screens?
What do the alerts say - can you quote several?
If the alerts are for programs you know (IE, Word, Mail) did you tell ZA to remember your permission?
Without some information other that it don't work, it annoys me, I doubt anyone here can begin helping you.

#3 Dennis H

Dennis H
  • Topic Starter

  • Members
  • 893 posts
  • OFFLINE
  •  
  • Local time:01:55 PM

Posted 15 May 2007 - 05:26 AM

Thanks for the reply tos226.

I will try to answer some of the questions that you ask. The ones I miss is because I do not understand the question.

I have XP Home, SP2, IE-7. The Zone Alarm version is Free 7.5.

I have not done any configuration on my own. From what I read Zone Alarm would take care of that when downloaded.

From reading the help screens I realised that there would be many pop up screens asking permission for a program to access the Internet such as Spybot, Ad-Aware, etc;.

I was also aware that I would get warnings about other computers that would try to access my computer.
What I did not realise is that I would get 297 of them in two hours.

Here is an example:
Posted Image

I left the settings as they were when I downloaded the program. Firewall setting on high. Trusted Zone on medium.

I have since moved the Firewall setting to medium and most of the incoming alerts have stopped. I realise that Zone Alarm is only doing it's job but am wondering if all these alerts are necessary.

When I moved the Firewall setting to medium it tells me that that setting is recommended for temporary Internet use. The word temporary makes me think I should move it back up to high.

Sorry my original questions were so vague.

To give you an idea of my Internet habits, I do some net surfing but I try not to get on any questionable sites. I do not get on porn sites, game sites or music sharing sites.

Hopefully the bit of information I have provided will help those trying to help me.

Thank You for your time,

Dennis :thumbsup:

#4 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:55 AM

Posted 15 May 2007 - 05:32 AM

What you should do is next time you receive one of these alerts click on the Don't show this dialog again box and then click OK. Zone Alarm will still block these but you won't get the warning messages any more.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#5 Dennis H

Dennis H
  • Topic Starter

  • Members
  • 893 posts
  • OFFLINE
  •  
  • Local time:01:55 PM

Posted 15 May 2007 - 05:42 AM

Thanks budapest.

Is it a good to idea to put the Firewall setting back on high ?



Dennis :thumbsup:

#6 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:55 AM

Posted 15 May 2007 - 05:49 AM

I don't use Zone Alarm so I'm not exactly sure of the difference between medium and high. However, based on what you have said I would put it back on high and see how it goes.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#7 Dennis H

Dennis H
  • Topic Starter

  • Members
  • 893 posts
  • OFFLINE
  •  
  • Local time:01:55 PM

Posted 15 May 2007 - 06:00 AM

OK that is what I will do.

If you care to look this is what the dialog says when you move the settings.

Posted Image


Posted Image




Thanks,
Dennis :thumbsup:

#8 jgweed

jgweed

  • Staff Emeritus
  • 28,473 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago, Il.
  • Local time:01:55 PM

Posted 15 May 2007 - 07:26 AM

You should set both to High because this Z/A setting apparently puts your computer into "stealth mode." This mode makes your computer (and IP address) invisible to the outside world peering in without permission, just like closing the blinds.
Regards,
John
Whereof one cannot speak, thereof one should be silent.

#9 Dennis H

Dennis H
  • Topic Starter

  • Members
  • 893 posts
  • OFFLINE
  •  
  • Local time:01:55 PM

Posted 15 May 2007 - 07:55 AM

Ok jgweed, will do. Thanks.





Dennis :thumbsup:

#10 tos226

tos226

    BleepIN--BleepOUT


  • Members
  • 1,568 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:LocalHost
  • Local time:02:55 PM

Posted 15 May 2007 - 08:28 AM

Under the ZA regime, computer is always stealth. They open the ports as needed and as requested by the PC. I think most firewalls these days do the same but I'm no expert on firewalls.

ZA General rule: Trusted zone should be on Medium. Internet should be high.
See the description to the left of your settings - as that's a connection to all computers in the world. Example, using DNSstuff.com, is the likely pinging from Chinanet on port 12200. Temporary medium setting, I suppose is OK, if you trust the address. Is 220.166.64.216 known to you? Can you trust it?

Trusted zone can be High, but it might make communication with a router or other PCs on the home LAN impossible. I gather, the normal setting for Trusted is Medium, though some people have put it High.

Incidentally, this box is for your information. It's been blocked. It's rare to see this sort of alert if you have a router, since the router would do the blocking. In anycase, do tell ZA to not show the alert again and that will be the end. On the other hand, it's educational to watch the alerts for a while to get used to how ZA behaves and what creeps are trying to get in :thumbsup:

Since you weren't sure how to answer other questions, let's look at you Program settings - try a screen shot of the main screen of the Program Control. In ZA free you're unlikely to have more than one screenfull of program names.

#11 Dennis H

Dennis H
  • Topic Starter

  • Members
  • 893 posts
  • OFFLINE
  •  
  • Local time:01:55 PM

Posted 15 May 2007 - 09:11 AM

Thanks tos226. It took three shots to get them all in. I have no idea what belongs there so there may be things I can delete. ??

Posted Image


Posted Image


Posted Image



I will out for a while but will check back and see if you have had a chance to look them over.


Thanks !

Dennis :thumbsup:

#12 tos226

tos226

    BleepIN--BleepOUT


  • Members
  • 1,568 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:LocalHost
  • Local time:02:55 PM

Posted 15 May 2007 - 12:35 PM

These are my opinions -
Bottom line first - I'm now pretty sure the alerts you see are proper. Just tell ZA to not tell you about them.

Program settings are close to default or at default. "?" are nice in that you will get an alert on whether to allow or not internet access. I would question the need for the Windows Explorer and Spooler to have any internet rights, unless you really need them. Do you search for or print files somewhere out there in the Internet world? I'd give those a "?".
I don't know what a bunch of those programs are, but it doesn't matter. "?" will ask you and you'll know what to do.
You can always delete things in the Programs list. ZA will put it back on next use. So don't worry about it so long as you remember your settings that worked - now documented here at BC :thumbsup: :flowers: In fact, you will soon begin to see duplicates of installers, expecially Windows updates. Just delete. Especially when they refer to some temp files. Standard multi-select works (ctlr-click)

Still to see would be a screen shot of your firewall settings. If you do not have a router, please block out your private IP address, if it's there, before posting a screen shot.I use version 6. Most likely version 7 requires similar items in the trusted zone: network/subnet (gets automatically added), DHCP server, gateway, DNS server(s), and loopback address (127.0.0.1). If you use a router, chances are the gateway, DHCP and DNS numbers will be the same. You can check it all yourself:
Start > Run
type cmd and hit return
on the cmd window, type ipconfig /all (make sure to include space before /)
Compare the numbers to the listing in your trusted zone.
Or do nothing until you have trouble.

Expert help needed here - Review of anti-Spyware - you didn't ask, but I noticed you have a bunch of them. It's ok to have one or two running in the background, but more might be trouble. People more experienced than I could comment on the combinations that work well.
AVG - leave alone, I presume it's running all the time with other AVG components.
Spybot S&D - Not sure if Tea-Timer should be running, otherwise, great product, great for changing and documenting startup list. Just make sure to Immunize after every update.
Norton - perhaps some use just for scans
Lavasoft Ad-Aware - run scans, don't use real time protection
Spyware Guard - I don't know it
SpywareBlaster - leave alone, it doesn't run all the time
Windows Defender - waste of time. Uninstall.
SuperAntiSpyware - is really great. Not sure if can run when AVG runs. I'd use it for scans.

I hope others pitch into all this.

Edited by tos226, 15 May 2007 - 12:41 PM.


#13 Dennis H

Dennis H
  • Topic Starter

  • Members
  • 893 posts
  • OFFLINE
  •  
  • Local time:01:55 PM

Posted 24 May 2007 - 03:54 PM

Sorry for the late response tos226. I had to go out of town unexpectedly.



Thanks for the information.

I use SpyBot S&D with Tea Timer enabled. It seems to do a great job. It is generally the first program to catch any potential problems.

I use the Windows Defender because it is free. It has caught a couple of things since I installed it. It is set to update and scan automatically so I figured why not use it.

I found out about SpyWare Guard from this thread:


http://www.bleepingcomputer.com/forums/t/405/antivirus-antimalware-and-antispyware-resources/

The Norton program came along with the Yahoo tool bar. What is kind of odd is that I ran a scan with it one day and it found a virus that my paid for Norton Security 2006 did not pick up on.


Zone Alarm settings are at default.


Thanks,
Dennis :thumbsup:

Edited by Dennis H, 24 May 2007 - 04:00 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users