Is Zone Alarm necessary with a DSL firewall?

[Pappion]

My DSL company told me that since we activated their firewall (through my IE browser) I should deactivate Zone Alarm, because two were not needed.

I agree with that, but what is some expert opinions on this?

I have AdAware, Spybot Search & Destroy, and run Housecall every 2 wks. My AV is run daily, and automatically updated as are Windows Updates automatically downloaded. Thus far, since owning this system (and before) I've had no serious malware, Virus, or Trojans.

But, lately had a deluge of spam, which my DSL company says may indicate "This is a form of "spoofing" and I should clean my mailbox, because it won't go away if there's something in an email. But, my Grisoft AV checks my incoming and outgoing email...I think! Note: this was prior to upgrading my DSL modem to one that had a router in it.

My system is HP dc5000 uT (Invent business desk top computer), running MS XP Pro, V2002, Service Pack 2.

Thank you.

 

[Another Brian]

You can deactivate ZA, but it is generally good practice to have both
a hardware firewall and a software firewall. ZA has an advantage over
most in that it also blocks outgoing.


My DSL company told me that since we activated their firewall (through
my IE browser) I should deactivate Zone Alarm, because two were not
needed.

I agree with that, but what is some expert opinions on this?

I have AdAware, Spybot Search & Destroy, and run Housecall every 2
wks. My AV is run daily, and automatically updated as are Windows
Updates automatically downloaded. Thus far, since owning this system
(and before) I've had no serious malware, Virus, or Trojans.

But, lately had a deluge of spam, which my DSL company says may
indicate "This is a form of "spoofing" and I should clean my mailbox,
because it won't go away if there's something in an email. But, my
Grisoft AV checks my incoming and outgoing email...I think! Note: this
was prior to upgrading my DSL modem to one that had a router in it.

My system is HP dc5000 uT (Invent business desk top computer), running
MS XP Pro, V2002, Service Pack 2.

Thank you.

 

[Pop`]

My DSL company told me that since we activated their firewall
(through my IE browser) I should deactivate Zone Alarm, because two
were not needed.

I agree with that, but what is some expert opinions on this?

Well, there are too many missing details here, but ... if your DSL router
contains a NAT router, then the best situation it the NAT (a hardware
firewall) backed up by a software firewall such as Zone Alarm. In fact, at
the moment general concensus seems to be that NAT plus ZA is the best
combination to have.

So, if that's the case you should keep ZA.

If however your ISP gave you some sort of software firewall in addition to
the hardware NAT, then yes, one of the two software firewalls should be
disabled. Which one is your decision; I already stated my opinion on ZA.

I have AdAware, Spybot Search & Destroy, and run Housecall every 2
wks. My AV is run daily, and automatically updated as are Windows
Updates automatically downloaded. Thus far, since owning this system
(and before) I've had no serious malware, Virus, or Trojans.

Continue. That's a decent arsenal that should serve you well.

But, lately had a deluge of spam, which my DSL company says may
indicate "This is a form of "spoofing" and I should clean my mailbox,
because it won't go away if there's something in an email. But, my
Grisoft AV checks my incoming and outgoing email...I think! Note:
this was prior to upgrading my DSL modem to one that had a router in
it.

Whoever's telling you to clean your mailbox is an idiot. IFF you're
infected, deleting an email won't get rid of it; that advice is BS.
FWIW, there has been a large upswing in the amount of spam flying around
lately so that's likely what you're seeing. Just about everyone is seeing
it. But that has nothign to do with firewalls, spyware or viruses; spam is
its own animal.

My system is HP dc5000 uT (Invent business desk top computer),
running MS XP Pro, V2002, Service Pack 2.

Thank you.

One parting word: It's usually "bad" to be scanning outgoing emails with
antivirus. The reason is, for me, occasional problems and timeouts can
cause mail to go to the Sent folder and to look like it went out when it
actually did not. I've turned off my outgoing email scans for exactly that
reason.
Many will tell you to also kill the incoming scans of email, alluding to
the fact that it's not needed because regular AV software will still catch
it, but personally I've had no problems with scanning outgoing emails, nor
has anyone else I know of. I'd rather catch it before it even hits my hard
drive, so I leave the outgoing scans running. Ymmv of course, but that's my
experience and I feel strongly about it. I suspect there will be a scream
or two that I said I'd leave incoming scanning enabled; so be it<g>.

Also, please switch to Plain Text for newsgroup posts; html should not be
used in newsgroups for many reasons.

HTH
Pop`

 

[gls858]

Well, there are too many missing details here, but ... if your DSL router
contains a NAT router, then the best situation it the NAT (a hardware
firewall) backed up by a software firewall such as Zone Alarm. In fact, at
the moment general concensus seems to be that NAT plus ZA is the best
combination to have.

So, if that's the case you should keep ZA.

If however your ISP gave you some sort of software firewall in addition to
the hardware NAT, then yes, one of the two software firewalls should be
disabled. Which one is your decision; I already stated my opinion on ZA.


Continue. That's a decent arsenal that should serve you well.

Whoever's telling you to clean your mailbox is an idiot. IFF you're
infected, deleting an email won't get rid of it; that advice is BS.
FWIW, there has been a large upswing in the amount of spam flying around
lately so that's likely what you're seeing. Just about everyone is seeing
it. But that has nothign to do with firewalls, spyware or viruses; spam is
its own animal.

One parting word: It's usually "bad" to be scanning outgoing emails with
antivirus. The reason is, for me, occasional problems and timeouts can
cause mail to go to the Sent folder and to look like it went out when it
actually did not. I've turned off my outgoing email scans for exactly that
reason.
Many will tell you to also kill the incoming scans of email, alluding to
the fact that it's not needed because regular AV software will still catch
it, but personally I've had no problems with scanning outgoing emails, nor
has anyone else I know of. I'd rather catch it before it even hits my hard
drive, so I leave the outgoing scans running. Ymmv of course, but that's my
experience and I feel strongly about it. I suspect there will be a scream
or two that I said I'd leave incoming scanning enabled; so be it<g>.

Also, please switch to Plain Text for newsgroup posts; html should not be
used in newsgroups for many reasons.

HTH
Pop`

NAT is not a firewall.

http://kalsey.com/2003/10/nat_is_not_a_firewall/

gls858

 

[DanS]

NAT is not a firewall.

http://kalsey.com/2003/10/nat_is_not_a_firewall/

gls858

Well, then the Windows 'FireWall' is not a firewall either, according to
that definition, since it does not monitor outgoing data either.

The author also states.....'I know someone will point out that my
description of NAT is a gross simplification and isn’t entirely accurate,
so I’m going to mention up front that I know that.'

I also agree with the author that firewalling is a byproduct of NAT. So
yes, NAT is not a true firewall, but you are 1000 times safer connecting
your always-on broadband connection to a 'NAT device' than directly to a
PC.

DanS

 

[Pappion]

Thank you... and sorry about the html duh!

My DSL company told me that since we activated their firewall
(through my IE browser) I should deactivate Zone Alarm, because two
were not needed.

I agree with that, but what is some expert opinions on this?

Well, there are too many missing details here, but ... if your DSL router
contains a NAT router, then the best situation it the NAT (a hardware
firewall) backed up by a software firewall such as Zone Alarm. In fact, at
the moment general concensus seems to be that NAT plus ZA is the best
combination to have.

So, if that's the case you should keep ZA.

If however your ISP gave you some sort of software firewall in addition to
the hardware NAT, then yes, one of the two software firewalls should be
disabled. Which one is your decision; I already stated my opinion on ZA.

I have AdAware, Spybot Search & Destroy, and run Housecall every 2
wks. My AV is run daily, and automatically updated as are Windows
Updates automatically downloaded. Thus far, since owning this system
(and before) I've had no serious malware, Virus, or Trojans.

Continue. That's a decent arsenal that should serve you well.

But, lately had a deluge of spam, which my DSL company says may
indicate "This is a form of "spoofing" and I should clean my mailbox,
because it won't go away if there's something in an email. But, my
Grisoft AV checks my incoming and outgoing email...I think! Note:
this was prior to upgrading my DSL modem to one that had a router in
it.

Whoever's telling you to clean your mailbox is an idiot. IFF you're
infected, deleting an email won't get rid of it; that advice is BS.
FWIW, there has been a large upswing in the amount of spam flying around
lately so that's likely what you're seeing. Just about everyone is seeing
it. But that has nothign to do with firewalls, spyware or viruses; spam is
its own animal.

My system is HP dc5000 uT (Invent business desk top computer),
running MS XP Pro, V2002, Service Pack 2.

Thank you.

One parting word: It's usually "bad" to be scanning outgoing emails with
antivirus. The reason is, for me, occasional problems and timeouts can
cause mail to go to the Sent folder and to look like it went out when it
actually did not. I've turned off my outgoing email scans for exactly that
reason.
Many will tell you to also kill the incoming scans of email, alluding to
the fact that it's not needed because regular AV software will still catch
it, but personally I've had no problems with scanning outgoing emails, nor
has anyone else I know of. I'd rather catch it before it even hits my hard
drive, so I leave the outgoing scans running. Ymmv of course, but that's my
experience and I feel strongly about it. I suspect there will be a scream
or two that I said I'd leave incoming scanning enabled; so be it<g>.

Also, please switch to Plain Text for newsgroup posts; html should not be
used in newsgroups for many reasons.

HTH
Pop`

 

[Sharon F]

My DSL company told me that since we activated their firewall (through my
IE browser) I should deactivate Zone Alarm, because two were not needed.

What kind of firewall does your ISP provide? The answer to that will help
others to answer your question more accurately.

 

[gls858]

Well, then the Windows 'FireWall' is not a firewall either, according to
that definition, since it does not monitor outgoing data either.

The author also states.....'I know someone will point out that my
description of NAT is a gross simplification and isn’t entirely accurate,
so I’m going to mention up front that I know that.'

I also agree with the author that firewalling is a byproduct of NAT. So
yes, NAT is not a true firewall, but you are 1000 times safer connecting
your always-on broadband connection to a 'NAT device' than directly to a
PC.

DanS

I agree.

gls858

 

[Pappion]

I'll check...they told me to pen my IE and type in a few letters then "turn
it on..." Its a Siemens Speedstream 4200.

Thank you.

 

[Pappion]

I typed in 192.168.254.254 and a simple page opened to turn on the
"firewall." Does that help??

I'll check...they told me to pen my IE and type in a few letters then
"turn it on..." Its a Siemens Speedstream 4200.

Thank you.

 

[Pappion]

PS: they also told me I did not need to turn my computer off (electrically
via the surge suppressor as I've always done), and could safely leave it on
all night--"it takes the same power to turn it on as it would leaving it on,
and it's well protected, now." Comment???

I typed in 192.168.254.254 and a simple page opened to turn on the
"firewall." Does that help??

 

[DanS]

PS: they also told me I did not need to turn my computer off
(electrically via the surge suppressor as I've always done), and could
safely leave it on all night--"it takes the same power to turn it on
as it would leaving it on, and it's well protected, now." Comment???

Great, another always on or shutdown at night controversy. 6 of 1/half-
dozen of the other.

But it takes the same amount of power to turn it on as it uses to leave it
on all night ? That's just stupid. The 'more' power it takes to turn it on
is for 1 or 2 seconds, making the HD's spin up, that's it. Which
consequentially (sp.), may be happening many times during the on time
anyway, if you have power-saving enabled.

If your reason for turning it off is to save electricity, by all means, do
so.

 

[Ken Blake, MVP]

PS: they also told me I did not need to turn my computer off
(electrically via the surge suppressor as I've always done), and
could safely leave it on all night--

This question is asked periodically and usually garners all sorts of fervent
responses, on both sides of the question. Some people never turn off their
computers, claiming turning them off can cause the hardware to fail sooner.
Others turn them on and off multiple times each day, to save electricity.

My view is that it doesn't matter very much either way, and you should do
what works best for you. Personally I power on once a day, when I get up in
the morning, and power off once a day, when I go to bed at night.

"it takes the same power to turn
it on as it would leaving it on,

But that is simply nonsense. Not at all true.

 

[Pappion]

re "may be happening many times during the on time anyway, if you have
power-saving enabled."

How can I check that, and should I have it enabled? I have XP Pro, SP2.

 

[Pappion]

re I power on once a day, when I get up in
the morning, and power off once a day, when I go to bed at night.
That is exactly what I do, and often unplug my portable phones for a day or
longer, or they muck up now and then. LOL

I checked my outside power meter, and found the answer--thanks to all of
you. My DSL so-called "tech" is full of crapola. Sheesh. I upgraded to a
"faster modem" and now I'm not even sure that is what I have. They may have
just set my speed up, IMHO. Grrrrrr

 

[DanS]

re "may be happening many times during the on time anyway, if you have
power-saving enabled."

How can I check that, and should I have it enabled? I have XP Pro,
SP2.

In the control panel under 'Power Options'.

 

[Sharon F]

I typed in 192.168.254.254 and a simple page opened to turn on the
"firewall." Does that help??

Okay, it sounds like you have a modem that includes NAT routing and a
"firewall." Firewall is not actually a correct term for this what this is.
It is not a hardware or software firewall but a type of technology that
functions very similar to a firewall.

At the very least I would also enable Windows built-in firewall (that's how
I run on my home network).

If you desire some finer granularity (control) of outbound traffic, then
don't enable the Windows firewall and install a third party software
solution such as Zone Alarm instead. In this scenario, Zone Alarm or
similar would not interfere with what your modem/router is doing.

As for not turning off the computer - I still do it. We get thunderstorms
that can knock out expensive electronic equipment in the blink of an eye
and occasionally enough wind to disrupt the power supply. Also... and this
is just personal opinion... I think it's more "earth-friendly" to not
consume power when you don't need to.

 

[DanS]

As for not turning off the computer - I still do it. We get
thunderstorms that can knock out expensive electronic equipment in the
blink of an eye and occasionally enough wind to disrupt the power
supply. Also... and this is just personal opinion... I think it's more
"earth-friendly" to not consume power when you don't need to.

Many people don't realize that a quality UPS, not necessarily a huge one,
just not a super-cheapy, have benefits beyond poer backup. They will
protect as a surge protector as well as act as a line 'conditioner'. You
know, like the $150 Monster surge protector/conditioners they try to sell
you when you by a flat panel TV.

You can get the same benefit from a sub-$100 (not $30) UPS. It doesn't need
to be huge, as you really only need 10 or 15 minutes worth of power. Enough
to keep you running for those short lived glitches of a minute or 2, and
that also gives you plenty of time to shutdown your computer properly,
instead of the power just dropping in the middle of extended disk access.

 

[Pappion]

Agree with both of you, and I do have one, and went back to shutting down at
the end of my sessions (I'm a writer).

 

[Sharon F]

Many people don't realize that a quality UPS, not necessarily a huge one,
just not a super-cheapy, have benefits beyond poer backup. They will
protect as a surge protector as well as act as a line 'conditioner'. You
know, like the $150 Monster surge protector/conditioners they try to sell
you when you by a flat panel TV.

You can get the same benefit from a sub-$100 (not $30) UPS. It doesn't need
to be huge, as you really only need 10 or 15 minutes worth of power. Enough
to keep you running for those short lived glitches of a minute or 2, and
that also gives you plenty of time to shutdown your computer properly,
instead of the power just dropping in the middle of extended disk access.

Good point. Have two of these in the computer room. One in the living room for
entertainment gear. They're worth every penny (lots of pennies)!