Firewall
I know computer support has been done to death a bit, but I am still stuck - help would be greatly appreciated.
Pentium 3 computer running Windows 2000. I did have a ZoneAlarm firewall - but it kept restricting so much, like MSN, photos on the org, animated emoticons and avatars etc., so I uninstalled it. The computer was fine for a couple of weeks till it was full of viruses/spyware, which I cleaned up, and installed PC Tools firewall.
Now I can't access my Gmail, my login passwords are never saved when I go back to sites and my wife keeps complaining that it stops her from doing what she wants.
Do I have to have a firewall? And is there one that will work but not restrict what I want?
Thanks
_drummer_
20-01-07, 02:20 PM
Yes, imo absolutely you must use a firewall, everyone should. On one of my boxes I use ZoneAlarm with Win2K (& MSN etc) & it never restricts me at all. Maybe you should check your config.
Sygate is a good firewall (I use 4 software firewalls & 2 hardware firewalls, as I know how easy it is to get into Windows, even thoroughly hardened). Follow the advice I put in this post http://forums.sv650.org/viewtopic.php?t=49100&highlight= & also disable NetBIOS on your LAN.
HTH
Mr Toad
20-01-07, 02:42 PM
Why don't you upgrade to XP?
Stu, passwords not being saved is an issue with your browser. Check the settings there. It could also be spy-ware protection that's removing these passwords, I've seen that happen before.
Is a firewall a must? This machine has been running ZoneAlarm, and ZA was registered on it on 05/06/2006 07:01, since then, it has blocked 22740 "intrusion attempts". These are mostly virus attack attempts, but a small number could be genuine hack attempts. I'm actually using my dad's computer at the moment, and he's only ever connected to the internet when he NEEDS to be, unlike me who's constantly online. Usually this machine only spends 2 hours max a day on the internet!
My company's policy is that ZA must be installed on every machine, despite the fact we hide behind a Cisco firewall.
If you're being stopped from accessing certain websites, this will either be the firewall preventing them from being seen due to parental filters etc (which ZA doesn't apply btw), or DNS lookups will be failing. Prime target here is that Windows services aren't allowed internet access under certain conditions when they need to be. However, it could be your ISP that's not returning an authoritative DNS answer.
It's also very possible that more malware (spyware or virus) has got onto the computer again. Give me a call if you want further advice whilst you're in front of the machine, I'll PM my mobile number to you in a min, don't call the 0161 number I gave you before, it won't work right now.
drummer, IMO, what you're doing is overkill. Security is a concept, yes, and you can never 100% secure something. But then, you're never 100% safe on the bike, does that mean you wrap yourself in 4 metal cages to ride it, knowing full well each metal cage has its weak points? Didn't think so.
Yes, Windows is very vulnerable. Yes ZoneAlarm has its flaws, yes Windows Firewall (XP) has more flaws, but it's down to acceptable risk. A Linux box in the hands of someone who isn't sure what they're doing is much the same (and most ship like this out of the box still!).
IMO (and strictly IMO) if you have one hardware firewall, and it's configured properly, this stops all except firewalking (and other complex issues such as packet injection & DNS tweaks, but you should have a stateful firewall if it's hardware based). Then on top of that, running either a separate hardware firewall (eg, for specific depts in a company) or a software firewall (eg on a home machine) should be more than sufficient.
There's no need to disable NetBIOS on the LAN if it's properly secured at all points of access to that network. In a corporate situation, that advice could well cause far more problems, because people wouldn't be able to print!
(BTW, yes, I have done some of the things I've mentioned above maliciously in the past)
Mr Toad, you're having a laugh, right? :lol:
Stu, PM on its way.
I've run two PCs at home with an "always on" broadband connection, one running Win98SE and this one running XP. I've used ZoneAlarm Free Version on both and never had a virus, trojan or anything. Used with AVG antivirus.
Never had any issues over access to the 'net, MSN, etc. I agree with the advice that it must have been your config that was the issue.
Reinstall it and I'll PM you the settings I use (which are pretty-much the default settings anyway).
_drummer_
20-01-07, 03:03 PM
drummer, IMO, what you're doing is overkill. Security is a concept, yes, and you can never 100% secure something. But then, you're never 100% safe on the bike, does that mean you wrap yourself in 4 metal cages to ride it, knowing full well each metal cage has its weak points? Didn't think so.
Yes, Windows is very vulnerable. Yes ZoneAlarm has its flaws, yes Windows Firewall (XP) has more flaws, but it's down to acceptable risk. A Linux box in the hands of someone who isn't sure what they're doing is much the same (and most ship like this out of the box still!).
IMO (and strictly IMO) if you have one hardware firewall, and it's configured properly, this stops all except firewalking (and other complex issues such as packet injection & DNS tweaks, but you should have a stateful firewall if it's hardware based). Then on top of that, running either a separate hardware firewall (eg, for specific depts in a company) or a software firewall (eg on a home machine) should be more than sufficient.
There's no need to disable NetBIOS on the LAN if it's properly secured at all points of access to that network. In a corporate situation, that advice could well cause far more problems, because people wouldn't be able to print!
(BTW, yes, I have done some of the things I've mentioned above maliciously in the past)
Me too ;)
Provided you know what you're doing you can never go far enough if it's important to you, silly analogies aside lol
If you've an unnetworked PC accessing the internet REALLY disable NetBIOS, bit different in a corp situation etc.
I have ZoneAlarm Professional running and Symantec AntiVirus works just fine. Also the router has a firewall and so does XP. It takes a while to configure all three firewalls but once done it's sorted.
What do you mean I'm over cautious?
lukemillar
20-01-07, 04:26 PM
Buy a mac. Then you don't have to worry about any of this spyware/virus sh!t!
:shock: Ah, one perfect customer :wink:
Although nowhere near as bad as Windows, have a looky here:
http://antivirus.about.com/od/macintoshresource/Macintosh_Viruses_and_Mac_Virus_Resources.htm
Gis your ip address :lol:
On my machine I run a firewall, and am also "protected" by the one on the router, and I also use AVG.....although no firewall is totally secure, you can't be too careful!
Gosh!, thanks for all the help.
What I need to do is order that hard drive I thought I did order before Christmas :? and start from scratch again on my laptop and keep the kids and wife off it (I wish!)
My 10Gb hard drive is full of all the P0rn, I mean songs downloaded so it's not surprising it's running a bit rough.
I'll try and pick and choose from all the advice given - thanks again
Lol :lol: Just make sure you've got a firewall running dude.....job done :thumbsup:
No, really. A hardware firewall (DSL modem/router combined) AND virus/spyware at a bare minimum. Just a firewall? :lol:
Damn rightish :thumbsup: :lol:
timwilky
21-01-07, 05:20 AM
My opinion, for what it is worth, is get rid of any firewall on your windoze systems. They interfere with the smooth operation (is that possible?) of the OS and give you a false sense of security. Then install a hardware firewall (for home use, I prefer Netgear stuff) at your network connection.
I spent 10 years implementing and enforcing my company's security policy and architecture. A firewall is only any good if you manage it. You need to know how to read/analyse the logs, understand the rule set you have applied and be rigorous in enforcement. I don't have default service out policies. I define all outgoing services and sources just as I do with incoming traffic. My default rule sets are always a deny rule.
A firewall is more than a NAT device. It is an intelligent filter that uses stateful inspection to decide what is a valid connection. I am always suspicious of SSH traffic as I have no knowledge of what may be tunneled. P2P I stamp on. There is never a good reason for it.
So know your traffic patterns. For most homes a few simple rules to permit outgoing http/https/smtp/pop3/imap should suffice with default deny policies. The stateful inspection should then permit reply packets to established connections and all in the garden should be rosy. Once you start hosting services and have to open incoming rules, think carefully about what you are doing.
Anyone with an old PC that wants to learn about implementing firewalls, I suggest you have a look at the Smoothwall project. Install the superkernel and have control of your network firewall policies.
Okay - that's two of you geeks that have used the word "stateful".
I think I can have reasonable guess as to what it means but how about one of you removing the doubt?
timwilky
21-01-07, 10:22 AM
Stateful inspection refers to the process where the firewall tracks the connection state of connections passing through it.
So your browser attempts to connect to the org, so your computer goes through a slight dialog with the org along the lines of:
----> computer Syn ----> org
---->org syn ----> computer
---->computer Ack ----> org
---->org Ack ----> computer
A sort of hello greeting, can I talk to you. Until the above happens your firewall will only allow a syn packet to pass in if it has previously sent out a syn packet to that destination. Then the same with the Ack.
So before any packet may pass through a firewall a connection using the above must be established.
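Added example, not part of any post in this thread: a toy Python model of the default-deny outbound rule set and the stateful inspection described in the two posts above. It tracks the standard TCP three-way handshake (SYN, SYN/ACK, ACK); the class name, addresses and ports are constructed for illustration.

```python
# Added example: toy stateful filter with default deny (not any product's code).
# Permitted outbound TCP services, as listed in the thread: http/https/smtp/pop3/imap.
ALLOWED_OUT = {80, 443, 25, 110, 143}
HANDSHAKE = ("SYN_SENT", "SYN_RCVD")

class StatefulFilter:  # hypothetical name
    def __init__(self):
        self.conns = {}  # (lan_ip, lan_port, remote_ip, remote_port) -> state

    def outbound(self, src, sport, dst, dport, flags):
        key = (src, sport, dst, dport)
        state = self.conns.get(key)
        if state is None:
            # New flow: only a bare SYN to a permitted service creates state.
            if flags == {"SYN"} and dport in ALLOWED_OUT:
                self.conns[key] = "SYN_SENT"
                return "ACCEPT"
            return "DROP"  # default deny
        if state == "SYN_SENT":
            return "ACCEPT" if flags == {"SYN"} else "DROP"  # retransmit only
        if state == "SYN_RCVD":
            if "ACK" not in flags:
                return "DROP"
            self.conns[key] = "ESTABLISHED"
        if "RST" in flags:
            del self.conns[key]  # FIN teardown and timeouts are omitted here
        return "ACCEPT"

    def inbound(self, src, sport, dst, dport, flags):
        key = (dst, dport, src, sport)  # same flow, keyed from the LAN side
        state = self.conns.get(key)
        if state is None:
            return "DROP"  # unsolicited: no outbound SYN created this flow
        if state in HANDSHAKE and "RST" not in flags:
            if flags != {"SYN", "ACK"}:
                return "DROP"  # only the handshake reply is valid at this point
            self.conns[key] = "SYN_RCVD"
            return "ACCEPT"
        if "RST" in flags:
            del self.conns[key]
        return "ACCEPT"

def demo():
    fw = StatefulFilter()
    pc, web, stranger = "192.168.0.10", "203.0.113.5", "198.51.100.9"  # constructed
    return [
        fw.inbound(stranger, 4444, pc, 139, {"SYN"}),    # unsolicited probe
        fw.outbound(pc, 50000, web, 80, {"SYN"}),        # browser opens http
        fw.inbound(web, 80, pc, 50000, {"SYN", "ACK"}),  # reply to our SYN
        fw.outbound(pc, 50000, web, 80, {"ACK"}),        # handshake complete
        fw.inbound(web, 80, pc, 50000, {"ACK", "PSH"}),  # page data on the flow
        fw.inbound(web, 80, pc, 50001, {"ACK"}),         # no state for this port
        fw.outbound(pc, 50002, web, 6881, {"SYN"}),      # service not in the list
    ]
```

A real rule set with this policy would also have to permit DNS lookups, which this TCP-only model leaves out.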
A firewall is more than a NAT device.
Thank you! That was driving me insane, reading the stuff above your comment.
Most DSL "firewalls" are NAT devices, and not "firewalls". However, for the luddite, they do the same thing, i.e. essentially block traffic, until you add a NAT rule to allow traffic in (or out, usually by default on these devices).
My view on this is you should lock down inbound and outbound traffic. In reality, at home, nobody bothers really. So a generally accepted compromise is block incoming traffic and allow all outgoing traffic by default.
In this case, a firewall on your PC will not do much (unless it's one of these "Application" firewalls, do you want Internet Explorer to access the internet? No ****! Unblock), however again Windows Firewall (in XP) is usually enabled to do the same thing, allow out, deny in.
The only time you should fiddle with this is if you need incoming services, i.e. you run a web server on your pc. Or, for example network games also require this sometimes.
In this case, you will have to change the NAT on the router and allow the incoming service on the PC.
Anyway, I'm just rambling now. So I'll go and grab a cuppa.
Dan