Firewall - SV650.org

Stu · 20-01-07, 02:08 PM

I know computer support has been done to death a bit, but I am still stuck - help would be greatly appreciated.

Pentium 3 computer running Windows 2000. I did have a Zone alarm firewall - but it kept restricting so much like MSN, Photos on the org animated emoticons and avatars etc. so I uninstalled it - Computer was fine for a couple of weeks till it was full of viruses/spyware which I cleaned up and installed PC Tools firewall.
Now I can't access my Gmail, my login passwords are never saved when I go back to sites and my wife keeps complaining that it stops her from doing what she wants.
Do I have to have a firewall? and is there one that will work but not restrict what I want?
Thanks

20-01-07, 02:20 PM

Yes, imo absolutely you must use a firewall, everyone should. On one of my boxes I use Zonealarm with Win2K (& msn etc) & it never restricts me atall. Maybe you should check your config.
Sygate is a good firewall (I use 4 software firewalls & 2 hardware firewalls, as I know how easy it is to get into windows, even throroughly hardened). Follow the advice I put in this post http://forums.sv650.org/viewtopic.ph...100&highlight= & also disable Netbios on your lan.

HTH

20-01-07, 02:42 PM

why don't you upgrade to XP

20-01-07, 02:47 PM

Stu, passwords not being saved is an issue with your browser. Check the settings there. It could also be spy-ware protection that's removing these passwords, I've seen that happen before.

Is a firewall a must? This machine has been running ZoneAlarm, and ZA was registered on it on 05/06/2006 07:01, since then, it has blocked 22740 "intrusion attempts". These are mostly virus attack attempts, but a small number could be genuine hack attempts. I'm actually using my dad's computer at the moment, and he's only ever connected to the internet when he NEEDS to be, unlike me who's constantly online. Usually this machine only spends 2 hours max a day on the internet!

My companies policy is that ZA must be installed on every machine, despite the fact we hide behind a Cisco firewall.

If you're being stopped from accessing certain websites, this will either be the firewall preventing them from being seen due to parental filters etc (which ZA doesn't apply btw), or DNS lookups will be failing. Prime target here is that Windows services aren't allowed internet access under certain conditions when they need to be. However, it could be your ISP that's not returning an authorative DNS answer.

It's also very possible that more malware (spyware or virus) has got onto the computer again. Give me a call if you want further advice whilst you're in front of the machine, I'll PM my mobile number to you in a min, don't call the 0161 number I gave you before, it won't work right now.

drummer, IMO, what you're doing is overkill. Security is a concept, yes, and you can never 100% secure something. But then, you're never 100% safe on the bike, does that mean you wrap yourself in 4 metal cages to ride it, knowing full well each metal cage has it's weak points? Didn't think so.

Yes, Windows is very vulnerable. Yes ZoneAlarm has it's flaws, yes Windows Firewall (XP) has more flaws, but it's down to acceptable risk. A linux box in the hands of someone who isn't sure what they're doing is much the same (and most ship like this out of the box still!).

IMO (and strictly IMO) if you have one hardware firewall, and it's configured properly, this stops all except firewalking (and other complex issues such as packet injection & DNS tweaks, but you should have a stateful firewall if it's hardware based). Then on top of that, running either a seperate hardware firewall (eg, for specific depts in a company) or a software firewall (eg on a home machine) should be more than sufficient.

There's no need to disable NetBIOS on the LAN if it's properly secured at all points of access to that network. In a corporate situation, that advice could well cause far more problems, because people wouldn't be able to print!

(BTW, yes, I have done some of the things I've mentionned above maliciously in the past)

Mr Toad, you're having a laugh, right?

Stu, PM on it's way.

20-01-07, 03:01 PM

I've run two PCs at home with an "always on" broadband connection, one running Win98SE and this one running XP. I've used ZoneAlarm Free Version on both and never has a virus, trojan or anything. Used with AVG antivirus.

Never had any issues over access to the 'net, MSN, etc. I agree with the advice that it must have been your config that was the issue.

Reinstall it and I'll PM you the settings I use (which are pretty-much the default settings anyway).

20-01-07, 03:03 PM

Quote:

Originally Posted by Baph

drummer, IMO, what you're doing is overkill. Security is a concept, yes, and you can never 100% secure something. But then, you're never 100% safe on the bike, does that mean you wrap yourself in 4 metal cages to ride it, knowing full well each metal cage has it's weak points? Didn't think so.

Yes, Windows is very vulnerable. Yes ZoneAlarm has it's flaws, yes Windows Firewall (XP) has more flaws, but it's down to acceptable risk. A linux box in the hands of someone who isn't sure what they're doing is much the same (and most ship like this out of the box still!).

IMO (and strictly IMO) if you have one hardware firewall, and it's configured properly, this stops all except firewalking (and other complex issues such as packet injection & DNS tweaks, but you should have a stateful firewall if it's hardware based). Then on top of that, running either a seperate hardware firewall (eg, for specific depts in a company) or a software firewall (eg on a home machine) should be more than sufficient.

There's no need to disable NetBIOS on the LAN if it's properly secured at all points of access to that network. In a corporate situation, that advice could well cause far more problems, because people wouldn't be able to print!

(BTW, yes, I have done some of the things I've mentionned above maliciously in the past)

Me too

provided you know what you're doing you can never go far enough if its important to you, silly analogies aside lol
If you've an unnetworked PC accessing the internet REALLY disable netbios, bit different in a corp situation etc.

20-01-07, 03:07 PM

I have Zone Alarm professional running and Symantic AntiVirus works just fine. Also the router has a firewall and so does XP. It takes a while to configure all three firewalls but once done once it's sorted.

What do you mean I'm over cautious.

20-01-07, 04:26 PM

Buy a mac. Then you don't have to worry about any of this spyware/virus sh!t!

20-01-07, 05:14 PM

Quote:

Originally Posted by lukemillar

Buy a mac. Then you don't have to worry about any of this spyware/virus sh!t!

Ah, one perfect customer

Although no where near as bad as Windows, have a looky here:

http://antivirus.about.com/od/macint..._Resources.htm

Gis your ip address

On my machine I run a firewall, and also "protected" by the one on the router, and I also use AVG.....altough no firewall is totally secure, you can't be too careful!

Stu · 21-01-07, 12:02 AM

Gosh!, thanks for all the help.
What I need to do is order that hard drive I thought I did order before Christmas

and start from scratch again on my laptop and keep the kids and wife off it (I wish!)
My 10Gb hard drive is full of all the P0rn, I mean songs downloaded so it's not surprising it's running a bit rough.
I'll try and pick and choose from all the advice given - thanks again

20-01-07, 02:08 PM	#1
Stu Trinity Mega Poster Join Date: Jun 2006 Location: Guildford Posts: 8,027	Firewall I know computer support has been done to death a bit, but I am still stuck - help would be greatly appreciated. Pentium 3 computer running Windows 2000. I did have a Zone alarm firewall - but it kept restricting so much like MSN, Photos on the org animated emoticons and avatars etc. so I uninstalled it - Computer was fine for a couple of weeks till it was full of viruses/spyware which I cleaned up and installed PC Tools firewall. Now I can't access my Gmail, my login passwords are never saved when I go back to sites and my wife keeps complaining that it stops her from doing what she wants. Do I have to have a firewall? and is there one that will work but not restrict what I want? Thanks

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Alternative to windows firewall.	Blue_SV650S	Idle Banter	11	17-10-08 07:01 PM
Free firewall ...	Tomcat	Idle Banter	23	25-10-07 12:51 PM

20-01-07, 02:20 PM	#2
_drummer_ Guest Posts: n/a	Yes, imo absolutely you must use a firewall, everyone should. On one of my boxes I use Zonealarm with Win2K (& msn etc) & it never restricts me atall. Maybe you should check your config. Sygate is a good firewall (I use 4 software firewalls & 2 hardware firewalls, as I know how easy it is to get into windows, even throroughly hardened). Follow the advice I put in this post http://forums.sv650.org/viewtopic.ph...100&highlight= & also disable Netbios on your lan. HTH

20-01-07, 02:42 PM	#3
Mr Toad Guest Posts: n/a	why don't you upgrade to XP

20-01-07, 02:47 PM	#4
Baph Guest Posts: n/a	Stu, passwords not being saved is an issue with your browser. Check the settings there. It could also be spy-ware protection that's removing these passwords, I've seen that happen before. Is a firewall a must? This machine has been running ZoneAlarm, and ZA was registered on it on 05/06/2006 07:01, since then, it has blocked 22740 "intrusion attempts". These are mostly virus attack attempts, but a small number could be genuine hack attempts. I'm actually using my dad's computer at the moment, and he's only ever connected to the internet when he NEEDS to be, unlike me who's constantly online. Usually this machine only spends 2 hours max a day on the internet! My companies policy is that ZA must be installed on every machine, despite the fact we hide behind a Cisco firewall. If you're being stopped from accessing certain websites, this will either be the firewall preventing them from being seen due to parental filters etc (which ZA doesn't apply btw), or DNS lookups will be failing. Prime target here is that Windows services aren't allowed internet access under certain conditions when they need to be. However, it could be your ISP that's not returning an authorative DNS answer. It's also very possible that more malware (spyware or virus) has got onto the computer again. Give me a call if you want further advice whilst you're in front of the machine, I'll PM my mobile number to you in a min, don't call the 0161 number I gave you before, it won't work right now. drummer, IMO, what you're doing is overkill. Security is a concept, yes, and you can never 100% secure something. But then, you're never 100% safe on the bike, does that mean you wrap yourself in 4 metal cages to ride it, knowing full well each metal cage has it's weak points? Didn't think so. Yes, Windows is very vulnerable. Yes ZoneAlarm has it's flaws, yes Windows Firewall (XP) has more flaws, but it's down to acceptable risk. A linux box in the hands of someone who isn't sure what they're doing is much the same (and most ship like this out of the box still!). IMO (and strictly IMO) if you have one hardware firewall, and it's configured properly, this stops all except firewalking (and other complex issues such as packet injection & DNS tweaks, but you should have a stateful firewall if it's hardware based). Then on top of that, running either a seperate hardware firewall (eg, for specific depts in a company) or a software firewall (eg on a home machine) should be more than sufficient. There's no need to disable NetBIOS on the LAN if it's properly secured at all points of access to that network. In a corporate situation, that advice could well cause far more problems, because people wouldn't be able to print! (BTW, yes, I have done some of the things I've mentionned above maliciously in the past) Mr Toad, you're having a laugh, right? Stu, PM on it's way.

20-01-07, 03:01 PM	#5
Jabba Guest Posts: n/a	I've run two PCs at home with an "always on" broadband connection, one running Win98SE and this one running XP. I've used ZoneAlarm Free Version on both and never has a virus, trojan or anything. Used with AVG antivirus. Never had any issues over access to the 'net, MSN, etc. I agree with the advice that it must have been your config that was the issue. Reinstall it and I'll PM you the settings I use (which are pretty-much the default settings anyway).

20-01-07, 03:07 PM	#7
Stig Guest Posts: n/a	I have Zone Alarm professional running and Symantic AntiVirus works just fine. Also the router has a firewall and so does XP. It takes a while to configure all three firewalls but once done once it's sorted. What do you mean I'm over cautious.

20-01-07, 04:26 PM	#8
lukemillar Guest Posts: n/a	Buy a mac. Then you don't have to worry about any of this spyware/virus sh!t!

21-01-07, 12:02 AM	#10
Stu Trinity Mega Poster Join Date: Jun 2006 Location: Guildford Posts: 8,027	Gosh!, thanks for all the help. What I need to do is order that hard drive I thought I did order before Christmas and start from scratch again on my laptop and keep the kids and wife off it (I wish!) My 10Gb hard drive is full of all the P0rn, I mean songs downloaded so it's not surprising it's running a bit rough. I'll try and pick and choose from all the advice given - thanks again