Do I need Zone alarm running

markymark2901

I have Windows XP and a Netgear router for connecting to the web. Just read somewhere that these have their own firewall.

Do I, therefore, need to be running zone alarm as well ?

aliEnRIK

So long as you have A firewall on then no.

isofa

A basic hardware firewall in a router won't do all the jobs a good software one will. So I suggest you also run a software one, such as ZoneAlarm (although there are many others).

A good software based one (ZA etc) will monitor traffic (or requests from applications trying to gain access to the internet) trying to leave your PC long before it gets to the router and traffic entering that has already passed the router...

There are advanced routers and hardware security appliances that can do much more than either a basic router, or software firewall can.

markymark2901

Ok will leave Zone Alarm running then

Delboy24

Better safe than sorry

td_007

markymark2901 wrote: »

Ok will leave Zone Alarm running then

If you have zone alarm running, I would switch off the windows firewall. Also, it is important to configure the firewall so that you have control over which programs access internet etc. You need to find a balance between how frequently you want to be informed vs. which you know are safe so can give permanent access .

closed

No you don't need it at all, it will just slow your pc down - just make sure you have a good antivirus package. If you have a router, you don't really need windows firewall on either (but it's a good idea to leave it on). Routers use NAT (which means you will have a local 192. or 10. ip address), which stops unsolicited connection attempts automatically.

td_007

closed wrote: »

No you don't need it at all, it will just slow your pc down - just make sure you have a good antivirus package. If you have a router, you don't really need windows firewall on either (but it's a good idea to leave it on). Routers use NAT (which means you will have a local 192. or 10. ip address), which stops unsolicited connection attempts automatically.

While this is true for incoming traffic, it is useful to monitor outgoing traffic as well - unnatural program behaviors/new programs that could be the result of malwares. An antivirus and firewall is a must!

closed

That's what antivirus is for, svchost (or any process name you can think of) is trying to access the internet or act as a server, how many people say no, or even know what svchost is? As someone else said on another thread, it's bolting the stable door after the horse has bolted, saying no to the wrong process can stop things working, and any decent virus can easily bypass outbound protection.

If you want to see what's talking to the outside world, you can use netstat/tcpview/cports.

td_007

closed wrote: »

That's what antivirus is for, svchost (or any process name you can think of) is trying to access the internet or act as a server, how many people say no, or even know what svchost is? As someone else said on another thread, it's bolting the stable door after the horse has bolted, saying no to the wrong process can stop things working, and any decent virus can easily bypass outbound protection.

If you want to see what's talking to the outside world, you can use netstat/tcpview/cports.

Agreed, however the intention is to provide protection that meets the least common denominator of the internet user and in this regard basic protection is better than no protection at all. In the instance where a computer is infected and the malware is trying to make an external connection, a simple firewall (software) pop-up will at least provide a visual alert - it is not perfect. While closing the door is not as good as locking it, it better than leaving it open.