Zone Alarm Configuration

I have installed Zone Alarm and have a few questions on configurations. First of all is there a thread on it specifically. I already noticed that svchost.exe is trying to connect to the internet - Generic Host Process for Win32 Services. I believe that is normal with Win XP. Believe it is coming from windows\system32\svchost.exe Should I allow it and say don't ask again? Should I check "Protect the ZoneAlarm Client"? Does anyone know some generic answrs for what to allow and disallow with this program?

 

I don't see a specific Zone Alarm forum right here ... but you can probably find some help here ...http://forums.zonelabs.com/zonelabs

Yes. Checking allow and don't ask again would be correct. However, Generic Host Process does not need to have Act as Server allowed. Here is a link with some information on Local Host ... http://support.microsoft.com/?kbid=314056

I use Sygate Personal Firewall rather than Zone Alarm so I'm not sure about "Protect the ZoneAlarm Client" setting. My assumption would be to say "Yes" and I'd find out pretty quickly whether or not that is the correct answer.

 

Chaslang

I find that I can not connect on internet thru Mozilla if I do not allow svchost.exe to connect.

 

I also use Sygates Free Firewall,Zone Alarm made my system run slow for some reason.

 

So does any1 have opinion which they like better, Sygate or Zone Alarm

 

With indulgence of chaslang, perhaps we can extend this a bit longer. The Sygate or Zone Alarm question is discussed in number of forums and it typically comes out about even. Both do an excellent job and it generally comes down to personal choice.

After several years using Zone Alarm, I recently switched to Sygate. I felt Zone Alarm was becoming a bit bloated and the interface more confusing. After several weeks, I think Sygate is a bit less cumbersome. It's truly a matter of choice.

If you decide to try Sygate, note this mid January comment from Trinh, the Sygate Super Moderator on the Sygate Forum.

---------------
Version 5.6 build 2808 has reported bugs and has been fixed.
The fix will not be available until the next release.
Currently we are in beta of the is release.

You can revert back to Version 5.5 build 2710 at the following link.
http://207.33.111.31/spf/spf5.5b2710.exe
---------------

I suggest taking this advice rather than downloading the current Version 5.6 build ... then upgrade when the new (currently in beta) Version 5.6 build is released.

 

Thanks for allowing us to hang in with this thread. It might be of interest to have a forum dedicated specifically to malware prevention programs like firewalls and antivirus. It has become such a critical issue ... and it might prevent a few folks from winding up in your Spyware Specific forum. The Software Forum seems to be a bit too general for these focused tools. Just a thought.

 

Agreed. Spyware Specific does a great job covering the full issue. You had just mentioned that this discussion might be borderline. If prevention fits just a well as trying to get fixed ... that's great. I see it as a good spot to discuss your sticky "How to Protect yourself from malware!" information.

Thanks again for your support.

 

I've been using ZoneAlarm Free for almost a year.
I've had no problems since, the only trick was getting used to it asking what to allow,I was always wondering, like you, should I allow this, or what is that for??.
I dont know if I was right, but I went off the perception that if it was in my puter and wanted out it was ok.
Try this, if something asks to get out allow it once before checking "do not ask again". if all goes fine next time You can check the box and allow.
Its important to security check your system after these trials,, good luck
Also, I'm running Windows ME so I dont know any specifics when it comes to XP

 

Hey Thug, which version of ZoneAlarm do you have? Is it the free one? If so, where do you go to check "Protect the ZoneAlarm Client"?

 

Oh, never mind. I just found it....sweeeeeeet

 

You might want to look at #3 in this thread for configuration help.

 

This isn't entirely wise . . . . Could be a Trojan or other malware "phoning home" for reinforcements.
Kinda defeats the purpose of the firewall if you blindly allow everything to connect at will

PP

 

Agreed. If you're not sure, it would seem better to deny access and see if it breaks something.

 

I am constanly seeing pinging to this address about every 1-7 minutes:

incoming 192.168.0.1 to 192.168.0.100
or svchost.exe from 192.168.0.100 to 192.168.0.1:53

I know that this address 192.168.1.0 is what I type in my browser when I need to make changes in my D-link router.

Is this just normal communications between my computers and my router. Should I keep blocking it or just allow it.

 

oh. >blush< I've got the same thing happening to me. Heck, it may explain why I can't get the other computer to connect to the network..... >blush<

Um.... would you mind translating your instructions into newbie-speak, so that I can follow along?