Tweaking free version of Zone Alarm

Topic

New Reply

I have the free version of Zone Alarm (7 0 483).

I recently checked the security of my computer using PC Flank’s Stealth Test and Shields Up. The former suggested that my computer is safe from remote attacks and Trojans but that my browser [Firefox] reports on sites previously visited and suggests that I adjust settings in my firewall to prevent this. The latter said the my computer’s ports are sufficiently hidden (“stealth”) but that the computer replies to ping (ICMP Echo) requests, and suggests that I adjust settings in my firewall to prevent this.

Are these adjustments possible in the free version of ZA, or would I need to buy the commercial version?

Thanks.

Joel

Reply | Quote

Replies

Let me start by asking if your computer “system” includes a router? If it does, I would offer the following. Several years ago when I checked the “stealth” condition of my system with GRC’s Shield’s Up, it reported a problem with my port 113. I have re-directed that port on my hardware (Linksys) router in accordance with Gibson’s instructions at the time and I continue to get complete “stealth” ratings from his Shield’s Up, even now. If you go back to his site, look for “Adaptive IDENT Stealthing Experimentation” which talks about this problem and Zone Alarm. It seems to me you don’t need to do anything with ZA but you could have a problem similar to my original.

I have no familiarity with PC Flank Stealth test and since you didn’t provide a link, I’ll go looking for it now.

Reply | Quote

And, if this is the proper link: PC Flank: Make sure you’re protected on all sides.

I got the following result for my computer.

Reply | Quote

You should be able to create or edit the rule for how to handle ping (ICMP Echo) requests. This is a normal function of a firewall.

The report on Firefox is unclear to me. Are they referring to cookies? Browsing history??

Reply | Quote

Al has already mentioned a router as possible cause; it is also mentioned in several threads at ZoneAlarm User Forum:
GRC Test tells me ping was answered
ZoneAlarm not blocking ICMP echo?

If you search the forum and a suitable board (such as “ZoneAlarm Configuration”, “Security Issues” etc.) for “ICMP echo” you will find more info. It seems that in certain cases it can be the modem that is answering and not the PC/firewall (ZA): ICMP echo requests (Ping). I understand that some ISPs use ping to see if a user is still connected, but I don’t know how common that is.

“Are these adjustments possible in the free version of ZA …”

It seems it could be a modem/router setting as well as ZA, but for the ZA settings:

From page 255 in User Guide for ZoneAlarm security software, version 7.0 (See TECHNICAL SUPPORT ZoneAlarm):
[indent]

---

To configure ZoneAlarm security software to allow ping messages:
1. Select Firewall|Main.
2. In the Internet Zone area, click Custom.
3. Select check box labeled Allow incoming ping (ICMP echo).
4. Click OK.
5. Set the security level for the Internet Zone to Medium.
See “Choosing security levels,” on page 43.

---

[/indent]
I am using another version of the ZA Free, so I can’t check. But I thought it was possible to make an exception (Allow …) still on High, but it seems you have to lower the security level in Internet Zone to medium.

This is NOT a good thing. So, since it’s reported that it allows ICMP echo, you may want to check that the Internet Zone is at High (if you have no other reasons running on Medium), and if the setting above (Allow incoming …) is checked.

But I don’t know anything in this case about certain modems or routers.

Reply | Quote

Thanks to all who replied. My version of ZA doesn’t seem to allow for these settings…but maybe it’s just the modem (router) pinging back.

Joel

Reply | Quote

You haven’t specifically answered my question in my earlier post – do you use a router? If so, go in to its settings and find wherever “port forwarding” is located and do something like this attachment. As I said, it was recommended at the GRC.COM web site and hasn’t caused any problem for me. I have a Linksys router, so yours may be different. If you try this, then repeat your tests to see what results you get.

Reply | Quote

Thanks. I have an ADSL modem/router. Will look at the manual (probably this weekend) and report back.

Joel

Reply | Quote