Results 1 to 13 of 13

Thread: Zone Alarm Tweaking

  1. #1
    Titanium Member TZ Veteran Denyse's Avatar
    Join Date
    Mar 2005
    Location
    USA
    Posts
    634

    Zone Alarm Tweaking

    I have been using the same basic tweaking for a long time now. But, I am sure there must be the "ultimate" tweak" out there somewhere to provide the best security possible.

    This is what I have...


    Internet Zone and Trusted Zone are both set to HIGH, and the custom settings for both zones are as follows:

    I "checked" broadcastmulticast in the High Security section - nothing else

    In the Medium Security section ALL of the boxes are "checked"

    I Block INCOMING UDP and TCP Ports: 1-65535

    I also Block OUTGOING UDP and TCP Ports: 1-19, 22-79, 82-7999, 8082-65535


    What can I do to make it better ?

  2. #2
    Nobody knows I'm a dog. TZ Veteran petard's Avatar
    Join Date
    Feb 2003
    Location
    Newspapastan
    Posts
    1,050
    If you really want more security put your computer behind a hardware firewall. Extra "layers" never hurt.

    Many thanks to egghead for the cool .sig

  3. #3
    Titanium Member
    Join Date
    Jul 2002
    Location
    blk helo target, WA
    Posts
    3,415
    Maybe she already has a hard one.

    What can I do to make it better ?
    KISS it?

    Anyway, different softwall but I'm sure you can adjust. Here's what I use for my global and ICMP settings. All DNS is per application - so I have DNS client disabled in services



    I'm not sure how much control you have with ZA but it's nice to control or try to control every connection an app attempts to make (as opposed to the general "allow" disallow")


    Last edited by lynchknot; May 9th, 2005 at 02:15 AM.

  4. #4
    Titanium Member TZ Veteran Denyse's Avatar
    Join Date
    Mar 2005
    Location
    USA
    Posts
    634
    Quote Originally Posted by lynchknot
    Maybe she already has a hard one.

    KISS it?
    OK



    But, are you sure that will help ?


    Anywhosit... can you suggest a Hardware Firewall? I think at work there is something called a RED BRICK
    Last edited by Denyse; May 9th, 2005 at 03:49 AM.

  5. #5
    Titanium Member
    Join Date
    Jul 2002
    Location
    blk helo target, WA
    Posts
    3,415
    Quote Originally Posted by Denyse01
    OK



    But, are you sure that will help ?


    Anywhosit... can you suggest a Hardware Firewall? I think at work there is something called a RED BRICK
    Yes but perhaps we need a room so I can describe and demonstrate the finer details of "make it better"

    I've got a cheap D-link 614+ seems to do it's job without problems.
    Last edited by lynchknot; May 9th, 2005 at 04:21 AM.

  6. #6
    Nobody knows I'm a dog. TZ Veteran petard's Avatar
    Join Date
    Feb 2003
    Location
    Newspapastan
    Posts
    1,050
    Linksys, Netgear, D-Link - all of the big names offer firewalls. Actually it's usually part of the drop-in wireless router or ethernet router for home cable/DSL modems. It kinda works this way... the cable or DSL line comes into your house, attches to the router. From the router you either have an ethernet cable or a wireless signal to your PC.

    The router acts as a firewall, rejecting any inbound requests to your PC (unless you initiate one). If your computer is connected directly to the cable/DSL modem then chances are pretty good you DON'T have a firewall built in. Zone Alarm comes in handy at this point. It's good, but having another layer of security in place is much, much better.

    Many thanks to egghead for the cool .sig

  7. #7
    Titanium Member TZ Veteran Denyse's Avatar
    Join Date
    Mar 2005
    Location
    USA
    Posts
    634
    In that case I guess I am safe enough, more or less. I have a Linksys Router connected to the modem; and an ethernet switch connected to the router, and the computer connected to that. The switch is there so I share the printers and scanners with more than one computer. The Router does have wireless ability but I have that set not to allow anyone who's MAC address is not in the accept list. I also have it set for "G" only, no "B" access.

    Thank you for the input.

  8. #8
    Nobody knows I'm a dog. TZ Veteran petard's Avatar
    Join Date
    Feb 2003
    Location
    Newspapastan
    Posts
    1,050
    Well then I'd say you're well on your way to security bliss. Check your ZoneAlarm logs from time-to-time just to make sure.

    Many thanks to egghead for the cool .sig

  9. #9
    Friendly Neighborhood Super Moderator phishhead's Avatar
    Join Date
    Apr 2002
    Location
    San Diego, Ca.
    Posts
    3,622
    and the knee bone connected to the thigh bone....



  10. #10
    Old and Cranky Super Moderator rik's Avatar
    Join Date
    Aug 2003
    Location
    Watching Your every move...
    Posts
    4,638
    or you might get her foot bone connected to your butt bone.

  11. #11
    Security Intelligence TZ Veteran cash_site's Avatar
    Join Date
    Jul 2002
    Location
    Software Paradise
    Posts
    3,735
    Another person paranoid about security... must be something in the North West water

    hehe... good one rik.. Hand bone connected to Cheek bone! *ouch slap*

    --- 0wN3D by 3gG ---

  12. #12
    Titanium Member
    Join Date
    Jul 2002
    Location
    blk helo target, WA
    Posts
    3,415
    I gotta bone to connect....

  13. #13
    Old and Cranky Super Moderator rik's Avatar
    Join Date
    Aug 2003
    Location
    Watching Your every move...
    Posts
    4,638
    Rumor has it that the one you refer to doesn't get connected much...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •