Solved

Free Personal Firewall survey

Posted on 2003-12-04
8
2,297 Views
Last Modified: 2013-11-16
As someone who often troubleshoots personal PCs with viruses and Trojans galore running around inside, I find Zone Alarm's free firewall to be an OK tool for seeing what is inside that is trying to call home.

One of my clients recently got a hardware firewall and tried to remove the Zone Alarm and had some problems.  I did a search on the internet and found that it is difficult to remove.  I am looking for a firewall that is small and can do the type of thing that I am asking Zone Alarm to do, but without the difficulties in removal.

I will try to award points to all who answer with a unique solution.
0
Comment
Question by:WilyGuy
8 Comments
 
LVL 7

Accepted Solution

by:
Robing66066 earned 35 total points
ID: 9875262
TCPView is an excellent product for troubleshooting network based virii and trojans.  It isn't a firewall, but is a tool that keeps track of everything the PC is doing and reports it in a nice user interface.

Find it here: http://www.winternals.com/products/repairandrecovery/
0
 
LVL 9

Assisted Solution

by:TooKoolKris
TooKoolKris earned 35 total points
ID: 9875321
Here are some links to other firewalls besides Zone Alarm. I personally don't recommend software firewalls due to the fact that they register them selves as services on the pc. This can be manipulated by would be trojans and the services shut down. I have seen a couple that specialize in turning Zone Alarm off so while you think you're being protected you actualy not.

The best firewalls are hardware based and work on a packet level. With all this in mind it really boils down to the person configuring the firewall as it is only as good as the configuration on it.

Prevention
http://www.preventon.com/trial.php?product=ppfpro

Norton Personal Firewall
http://www.symantec.com/sabu/nis/npf/

Sygate
http://www.sygate.com/

Kerio
http://www.kerio.com/us/kpf_home.html

McAfee
http://us.mcafee.com/root/package.asp?pkgid=101&

0
 
LVL 18

Assisted Solution

by:chicagoan
chicagoan earned 50 total points
ID: 9875753
Is Zone Alarm is a virus? It hooks itself into your operating system, causes problem and is difficult to remove.
Oh yeah, you pay for it, that's the differerence.
 

Step 1. The most important step in uninstalling is to make sure that ZoneAlarm and its underlying TrueVector service are not running. If TrueVector is left running, certain files may not be removed or replaced.

To unload the TrueVector Service, go to the Configure panel and uncheck the box labeled: "Load ZoneAlarm at Windows startup" or "Load ZoneAlarm Pro at startup," then reboot..

If this box is grayed out: open the Internet Logs directory (in 95/98/ME this will be "c:\windows\internet logs", in NT and 2000 it will be c:\winnt\internet logs), where you will find a file called "iamdb.rdb" and a file named after your computer with the ".ldb" extension. Delete both of these files.

If you are unable to delete these files: you'll need to boot into Safe Mode in complete the task at hand.

If you are running Windows 95, 98, Me, or 2000, normally either pressing F8 at the beep, or holding the control key during bootup.

If you are running Windows NT and cannot delete these files, you may need to restart your machine from an NTFS boot disk. The following link explains how to create a bootable disk for an NTFS or FAT partition:

http://support.microsoft.com/support/kb/articles/q119/4/67.asp?LN=EN-US&SD=g

If you use the Desk Band feature, this should be disabled before uninstalling or upgrading ZoneAlarm.

To do this, right-click any unused portion of the taskbar at the bottom of the screen, select "Toolbars," and uncheck "ZoneAlarm Desk Band" (or "ZoneAlarm Pro Desk Band")."

- Step 2. REBOOT Windows (very important).

0
 
LVL 1

Assisted Solution

by:nick_s
nick_s earned 30 total points
ID: 9876571
i personally use Kerio personal firewall.

I really like it
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 24

Assisted Solution

by:SunBow
SunBow earned 50 total points
ID: 9876724
> I am looking for a firewall that is small and can do the type of thing that I am asking Zone Alarm to do

Have you tried Sygate?  It is close to ZA. Others like Symantec, McAfee, and MicroSoft are different. (and IMO not as good because of that).

> One of my clients recently got a hardware firewall and tried to remove the Zone Alarm

Why?

Answer: Tell client they should keep ZA, and move on to other issues such as upgrading MS S/W again.

Reason: ZA (and Sygate) block outbound traffic as well as inbound. This is closer to firewall (hw) capability than others. If the customer/client has only one PC/client behind HW firewall there's no need for the duplicate. But if you/they have more than one PC, then the HW firewall cannot defend them from each other. That is where the SW firewall can still produce a great benefit, and last I heard, Microsoft itself still recommends SW firewall to supplement the HW one (they'd like you to use theirs, of course).

I agree with anyone/everyone who claims that SW should have an uninstall that completely removes everything (like an undo) or else they risk us also labeling them as having an embedded trojan.
0
 
LVL 24

Expert Comment

by:SunBow
ID: 9876749
also, if you/customer get used to a SW firewall, even BlackICE, you/they may also get used to having their logfile available to help you understand what is accessing what and how, and to have a level of filtering in addition to the ones a typical HW firewall limit you to. For example, rather than completely shutting down a port, you can limit access to the port to a single server, etc.
0
 
LVL 15

Author Comment

by:WilyGuy
ID: 9877416
Increasing points to allow a better split.
0
 
LVL 7

Expert Comment

by:Robing66066
ID: 9877571
Thanks for the grade and the points!
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Article by: btan
Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
Find out what Office 365 Transport Rules are, how they work and their limitations managing Office 365 signatures.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now