Originally Posted by ADd
The control that a software firewall gives is based upon rules. For ZoneAlarm it has built in rules, set up for ease of use - especially for those who do not wish to be bogged down by setting up application behaviour, and connections. Many of these are set by default, and you will not be aware they have been allowed by the firewall, for example. Jetico on the other hand is more user intensive, and more for those that know what should/shouldn't be allowed to access what files, and what ports should be opened/closed. Basically you have to set most of these rules up yourself.
While it is true you will still be able to get a virus, unlike a trojan or worm, a virus will not connect to the internet. When you get infected by a trojan it will attempt to connect to the internet to download other malware files to infect your system. This can be through P2P, drive-by downloads by visiting dodgy web pages, amongst others. A good software will alert you that the trojan is attempting to connect, and allow you to block this with a rule. This alert should make you undertake a scan.
A software firewall will not completely protect, but will allow a user more leeway to make mistakes while browsing, downloading or opening attachments. So it may save you from a stray click - only being infected by one file or script - instead of being totally compromised. It also allows the user more control, and gives you more information on what is running, and where it is connecting to.
Of course this does not take into account kernel based rootkits, but that is another story...
In my experience a router will significantly reduce the workload on a software firewall, as it will stop the usual internet 'noise' even getting to the system, and many packets. However it needs to be well set up, and does not allow the control that a software firewall gives. You can protect yourself from worms/viruses and trojans, but the software firewall gives you that extra control and security when you do get infected; therefore, in my opinion, it is a must in a modern PC user's layered protection.