ZA Capabilities

[Blinky the Shark]

Can ZA do as recommended here? (I know Kerio can -- just wondering if
ZA's application-based approach offers this kind of control.)

[relevant q]

The SANS institute has issued to following advice on guarding against
the spread of the worm:

Close port 135/TCP (and if possible 135-139, 445 and 593)

Monitor TCP Port 4444 and UDP Port 69 (tftp) which are also used by the
worm

[/relevant q]

Source: http://www.theregister.co.uk/content/56/32286.html

 

[Aaron]

Can ZA do as recommended here? (I know Kerio can -- just wondering if
ZA's application-based approach offers this kind of control.)

No. Now you know why more advanced users prefer kerio

[relevant q]

The SANS institute has issued to following advice on guarding against
the spread of the worm:

Close port 135/TCP (and if possible 135-139, 445 and 593)

The free version? No, not specifically, the free versions dont allow you
to specify which ports to open or close, only the apps allowed to access
the net (on whatever port they like).

But firewalls work by not allowing anything through unless you explictly
allow them to, so ZA should by default block TCP 135 anyway....


Aaron

 

[Blinky the Shark]

No. Now you know why more advanced users prefer kerio

Let's just say I *am*[1] a Kerio user. (Used ZA until I discovered Kerio
when it was Tiny, after trying AtGuard for a while, a long time ago.)

[relevant q]
The SANS institute has issued to following advice on guarding against
the spread of the worm:
Close port 135/TCP (and if possible 135-139, 445 and 593)

The free version? No, not specifically, the free versions dont allow you
to specify which ports to open or close, only the apps allowed to access
the net (on whatever port they like).

I thought maybe since I'd uninstalled it, they might have added those
capabilities.

But firewalls work by not allowing anything through unless you explictly
allow them to, so ZA should by default block TCP 135 anyway....

So ZA would alert you to something being on 135, say, and ask you to
block it -- everywhere?

[1]The rare times I go online with Windows -- just to check my website
in IE.

 

[Guest]

I switrched to kerio after trying ZA free, and pro..

ZA was just a bloated Firewall. Kerio did the same, only better.. so i
switched..

ZA crashed ocasionally too where kerio is solid

-Larry B

 

[Jordan]

I am not sure about the free version, but I know the Pro version does
allow you to close any specific port of your choosing. I have not used
the free version since 2.x. So I am not sure if they now include it or
not.

In the Pro version you have to go click "Firewall", then "Main" tab,
then click on "Custom" in the "Internet Security Zone", a pop up will
appear, scroll down until you see the "Block" choices. There are
options for incoming and outgoing UDP and TCP. Click on them and
specify which ports to block.

Maybe someone who is using the latest free ZA can check where I just
mentioned to see if it is available in the free version.

No, you can't close specific ports in the latest ZAF (free). It's strictly
program based.

 

[Blinky the Shark]

I switrched to kerio after trying ZA free, and pro..

ZA was just a bloated Firewall. Kerio did the same, only better.. so i
switched..

ZA crashed ocasionally too where kerio is solid

-Larry B

Yes, I found Tiny/Kerio more stable, as well.

 

[Aaron]

I thought maybe since I'd uninstalled it, they might have added those
capabilities.

They will never add that feature in ZA free. ZA free is the AOL of
firewalls, it's easy to use and popular mainly because it avoids the use
of terminology like TCP/UDP etc.

App based firewalls are easy, just decide what you want to go out ,done!

On the other hand they added this term "server rights" , when i was first
starting out i wasnt very clear on exactly what this was, and the help
file didnt seem all that clear either...Nowdays I know....

So ZA would alert you to something being on 135, say, and ask you to
block it -- everywhere?

It would warn you something is trying to access through 135, and ask you
to allow, block or whatever. It also depends on the settings, whether you
want to be borthered by all requests or just block all. Not all that
different from Kerio, except there are 2 diff scales for the internal and
external network.



Aaron

 

[Mel]

It would warn you something is trying to access through 135, and ask you
to allow, block or whatever. It also depends on the settings, whether you
want to be borthered by all requests or just block all. Not all that
different from Kerio, except there are 2 diff scales for the internal and
external network.



Aaron

ZA free wouldn't actually give a choice to allow it, just block it and flash up
the alert, except I'd guess that alerts aren't enabled on most za users PCs
(it ALWAYS seemed to be alerting me of something unimportant -
and you can't choose what to be warned about either),
although it would still log the event.