• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2335
  • Last Modified:

Free Personal Firewall survey

As someone who often troubleshoots personal PCs with viruses and Trojans galore running around inside, I find Zone Alarm's free firewall to be an OK tool for seeing what is inside that is trying to call home.

One of my clients recently got a hardware firewall and tried to remove the Zone Alarm and had some problems.  I did a search on the internet and found that it is difficult to remove.  I am looking for a firewall that is small and can do the type of thing that I am asking Zone Alarm to do, but without the difficulties in removal.

I will try to award points to all who answer with a unique solution.
0
WilyGuy
Asked:
WilyGuy
5 Solutions
 
Robing66066Commented:
TCPView is an excellent product for troubleshooting network based virii and trojans.  It isn't a firewall, but is a tool that keeps track of everything the PC is doing and reports it in a nice user interface.

Find it here: http://www.winternals.com/products/repairandrecovery/
0
 
TooKoolKrisCommented:
Here are some links to other firewalls besides Zone Alarm. I personally don't recommend software firewalls due to the fact that they register them selves as services on the pc. This can be manipulated by would be trojans and the services shut down. I have seen a couple that specialize in turning Zone Alarm off so while you think you're being protected you actualy not.

The best firewalls are hardware based and work on a packet level. With all this in mind it really boils down to the person configuring the firewall as it is only as good as the configuration on it.

Prevention
http://www.preventon.com/trial.php?product=ppfpro

Norton Personal Firewall
http://www.symantec.com/sabu/nis/npf/

Sygate
http://www.sygate.com/

Kerio
http://www.kerio.com/us/kpf_home.html

McAfee
http://us.mcafee.com/root/package.asp?pkgid=101&

0
 
chicagoanCommented:
Is Zone Alarm is a virus? It hooks itself into your operating system, causes problem and is difficult to remove.
Oh yeah, you pay for it, that's the differerence.
 

Step 1. The most important step in uninstalling is to make sure that ZoneAlarm and its underlying TrueVector service are not running. If TrueVector is left running, certain files may not be removed or replaced.

To unload the TrueVector Service, go to the Configure panel and uncheck the box labeled: "Load ZoneAlarm at Windows startup" or "Load ZoneAlarm Pro at startup," then reboot..

If this box is grayed out: open the Internet Logs directory (in 95/98/ME this will be "c:\windows\internet logs", in NT and 2000 it will be c:\winnt\internet logs), where you will find a file called "iamdb.rdb" and a file named after your computer with the ".ldb" extension. Delete both of these files.

If you are unable to delete these files: you'll need to boot into Safe Mode in complete the task at hand.

If you are running Windows 95, 98, Me, or 2000, normally either pressing F8 at the beep, or holding the control key during bootup.

If you are running Windows NT and cannot delete these files, you may need to restart your machine from an NTFS boot disk. The following link explains how to create a bootable disk for an NTFS or FAT partition:

http://support.microsoft.com/support/kb/articles/q119/4/67.asp?LN=EN-US&SD=g

If you use the Desk Band feature, this should be disabled before uninstalling or upgrading ZoneAlarm.

To do this, right-click any unused portion of the taskbar at the bottom of the screen, select "Toolbars," and uncheck "ZoneAlarm Desk Band" (or "ZoneAlarm Pro Desk Band")."

- Step 2. REBOOT Windows (very important).

0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
nick_sCommented:
i personally use Kerio personal firewall.

I really like it
0
 
SunBowCommented:
> I am looking for a firewall that is small and can do the type of thing that I am asking Zone Alarm to do

Have you tried Sygate?  It is close to ZA. Others like Symantec, McAfee, and MicroSoft are different. (and IMO not as good because of that).

> One of my clients recently got a hardware firewall and tried to remove the Zone Alarm

Why?

Answer: Tell client they should keep ZA, and move on to other issues such as upgrading MS S/W again.

Reason: ZA (and Sygate) block outbound traffic as well as inbound. This is closer to firewall (hw) capability than others. If the customer/client has only one PC/client behind HW firewall there's no need for the duplicate. But if you/they have more than one PC, then the HW firewall cannot defend them from each other. That is where the SW firewall can still produce a great benefit, and last I heard, Microsoft itself still recommends SW firewall to supplement the HW one (they'd like you to use theirs, of course).

I agree with anyone/everyone who claims that SW should have an uninstall that completely removes everything (like an undo) or else they risk us also labeling them as having an embedded trojan.
0
 
SunBowCommented:
also, if you/customer get used to a SW firewall, even BlackICE, you/they may also get used to having their logfile available to help you understand what is accessing what and how, and to have a level of filtering in addition to the ones a typical HW firewall limit you to. For example, rather than completely shutting down a port, you can limit access to the port to a single server, etc.
0
 
WilyGuyAuthor Commented:
Increasing points to allow a better split.
0
 
Robing66066Commented:
Thanks for the grade and the points!
0

Featured Post

The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now