Our Experience with ZoneAlarm Personal Firewall Updated on January 20, 2008 Our home PC is connected to the internet via cable all the time. Even though we have VirusScan Online by McAfee, we still worry about our computer being tampered with by worms, Trojan horses and spyware (they stay inside your computer and send stuff to a remote place) or being attacked directly by hackers from the outside. Indeed it happened one day. But amazingly it was stopped effectively by the free version of ZoneAlarm software, a personal firewall, or "Internet Lock" as we call it... Hi, Aubrey and Margaret here! We heard a lot about firewalls before we were forced to actually use one. Allow us to tell you the incident we encountered... First, to give you a litttle background... Our computer is connected to the internet through cable all the time. We worry about that. Aubrey used to unplug the internet cable when he did not use the internet for a long time, only to find that he needed to re-boot the computer when he needed to get online again. What Happened... One day we found that our computer was very slow. The hard drive light flashed on and off all the time, even though we were not running any program. Initially we thought there were viruses, so we scanned the entire hard drive with McAfee VirusScan Online. No virus was found. Then Aubrey removed some rarely-used programs and fine-tuned the computer by following Daniel Sanderson's Double the Speed of Your Computer procedures without installing any software or hardware. True, the speed picked up a bit, but not significantly. We heard about worms, Trojan horses and spyware, programs hiding inside the computer by whatever means. We knew they do not do any harm to our PC, but when they are active in the background, they either eat up the RAM, or worse, send out our personal data to remote unknown sources. We got concerned. "How do we prevent that from happenning?" we asked. How Did We Solve the Problem... By this time, Margaret pointed out an artical she read from the "e-Business" section of Calgary Herald (a local newspaper). She left it right on the top of the bookshelf by the computer. Aubrey grabbed it. There, on page C9 of the Tuesday, July 2nd edition, Grace Casselman mentioned a free ZoneAlarm firewall program from a company called Zone Labs. Within a minute, Aubrey had downloaded the free version of ZoneAlarm and had run it to see how it worked. Right on, both the cable modem and hard drive lights stopped flashing! What We Learned... After reading Zone Lab's intro manual , we started to understand what it is and how it works. In fact, we feel strongly that it should be called "Internet Lock" rather than a "Firewall." Although we still do not know the details, we understand that it locks all ports through which internet traffic go in and out. It is like disconnecting the internet cable without doing it physically. Then the software controls what local programs can access the internet and what cannot (out-bound traffic control). It also controls what remote sites can communicate with our computer (in-bound traffic control). It is like you've found some burglars inside your house. Do you let them out with your valuable personal belongings? No! You lock them up inside the house while you call the police to capture them. For example, we use Internet Explorer to view web sites all the time, so we tell the free version of ZoneAlarm software to open the door to allow our browser to talk to the remote sites. If we open our FTP program to upload things, ZoneAlarm will ask if it is OK to give green light to this program. This way, when an unknow program hiding inside our computer tries to send data to the outside world, it cannot unless we click a button on the warning screen giving it the permission. Besides controlling the out-bound traffic at our computer, ZoneAlarm also filters traffic from the outside. Firstly, it hides our computer from all other computers on the Internet, and prevents sharing with any computer, effectively bullet-proofing our computer. Secondly, when a hacker tries to see if there is a security hole at our computer, the software warns us about this attempt and tells us when and from what IP address it is initiated. Interestingly, every 10 minutes or so our computer get hit by an outside source. Eventually we turned off the alert, knowing that our PC is bullet-proof and we do not have to worry about these intrusions. Once you get the burglars locked up inside (and hopefully captured), you know you should take some steps to prevent your house from future break-in! When we are not at the computer, we simply shut off the entire internet traffic (both in-bound and out-bound) immediately by clicking a buttom. We also set it to automatically shut off the traffic after 15 minutes of inactivity - no need to unplug the cable any more! If we like, we can also activate the auto shutoff whenever our screen saver is on. Also included in the free version is Basic MailSafe, which protects our computer from incoming email attachments that may contain malicious codes or viruses. Basic MailSafe demonstrates how it quarantines VBScript files (*.vbs) in the attachments, preventing them from running without our permission. Discern what is going out and coming into your computer. Have a safe connection to the outside world! Aubrey + Margaret Zhang http://TheoLogos.net http://SelfWebHosting.com http://Gain4You.net P.S. This is to answer a frequently asked question: Do I have to open an account and enter a username and password in order to re-route the traffic to the firewall server? Answer: NO! ZoneAlarm is a piece of software that is built differently from others. It does not use any server, which slows down the traffic going in and out your computer when the traffic is bottle-necked at a busy server. Rather, it control the ports on your local PC, either open it or close it for certains programs or internet site. Remember, it acts as a LOCK, not a FUNNEL. After installing this ZoneAlarm firewall, we immediately cancelled the firewall account at our cable internet provider (opened just a few days before we learned about ZoneAlarm). P.P.S. While revisiting Gibson Research Corporation's website, Aubrey was amazed to find that Steven Gibson, the "cracker" guy behind Gibson Research, compared ZoneAlarm (free version) with BlackICE Defender (a popular personal firewall that sells $39.95) and many other firewalls included in the most popular internet security packages. On his firewall leak test scoreboard page, he marks "Never Leaked" for both the ZoneAlarm Free and Pro version - ZoneAlarm is the only package that earns this status! It is an interesting story to read and Steve's site is a good place to stop by if you are concerned about the Denial of Service (DOS) to your computer and website.