ZoneAlarm Employs Scare Tactics Against Its Users

snydeq writes "Check Point Software appears to be ripping a page from the 'scum it claims to fight,' running a scare-tactic warning dialog to frighten users into upgrading to a paid version of the company's ZoneAlarm firewall product. Preying on fears of ZeuS.Zbot, the Check Point warning dialog tells users their PCs 'may be in danger' without having found ZeuS.Zbot, nor having checked to see whether you're running an antivirus product. 'The program doesn't care if you're infected with ZeuS.Zbot, or if you have protection in place. It just wants to sell you an upgrade to the firewall that may or may not detect future ZeuS.Zbot variants' activities — some day.' Check Point's customers have inundated the ZoneAlarm forums with complaints."

ZoneAlarm still exists?

[Khyber]

I haven't used that piece of garbage software in about 5 years.

Re:

[Anonymous Coward]

I haven't used it since XP SP2 included a firewall. Good riddance!

Re:

[jlechem]

I long since moved to Spybot Search and Destory. That thing was ass even back then, it would slow down my old pentium to an unusable state. Doesn't sounds like they've gotten better in the past 5 years.

Re:

[vegiVamp]

"Search and Destory", eh ? I guess Slashdot is running that, too.

Re:

[MonsterTrimble]

That was my first thought. I quit using Zone Alarm before I jumped ship to Windows due to it *REALLY* borking windows until it was removed. Frankly, when the window's stock firewall kicks your ass, you're done.

Re:

[WaroDaBeast]

I think I used it until version 5.5, and stopped afterwards because subsequent versions would prevent explorer.exe to load at all. I had to kill the process for things to work properly. Gave whichever version was the latest a try when I got a new computer in '07 — same story. *shakes head*

Re:

[HermMunster]

Zone Alarm is freaking annoying, constantly asking you to upgrade to the full version.

AVG is annoying too. They constantly warn you that if you don't get the paid version that you won't be fully protected.

Comodo is a pretty decent firewall and it has the side benefit of staying out of the way. I generally only see it when it asks me if I want the latest upgrade.

Microsoft's Security Essentials is fine for those individuals that need protection. If you get infected (with just about any malware protection)

Re:ZoneAlarm still exists?

[Thinboy00]

If a system is so borked you're mounting it via another computer [enwp.org], you might be better off just formatting and reinstalling [enwp.org].

Re:

[Snaller]

Its odd, it worked fine for me on Xp - but then when i went over to Windows 7 it ended up blocking all connections (including itself (if you click update, it should be able to check for updates, but it just froze itself)) - and there was nobody who knew why.

So out it went.

Re:

[Odinlake]

Meh, stupid people don't deserve to have money anyway.

Then on the other hand neither does ZoneAlarm.

Re:

[mark72005]

Is there a (preferably free) alternative to Zone Alarm?

I installed this several years ago on my parents computer because they kept getting it inundated with viruses and spyware and such.

Re:ZoneAlarm still exists?

[Lumpy]

Yes; windows XP SP2 or higher, windows Vista, and Windows 7. All three have a firewall that is more than most users need.

IF you really need a "little snitch" type of app for windows, you need advanced software. 99% of all users do not need this kind of "firewall" and would be better off with the built in windows one.

Re:

[SenFo]

Combine the built in firewall with Microsoft Security Essentials [microsoft.com] and keep with Windows updates and you'll generally have a secure system.

Re:

[Jaseoldboss]

I came across a great illustration of why you need a good firewall that can be used to control outbound traffic the other day. I was installing CPUID and the installer tried to contact Ask.com before it had even asked me whether I wanted the Ask toolbar installed or not.

Windows firewall would have just let that through but I was using the Sphinx Software firewall app that configures Windows Firewall so that you can use it to stop unauthorised outbound traffic.

Re:

[magnusrex1280]

Microsoft Security Essentials, hands-down. Faster and more efficient than all the others, and it's unobtrusive. And it's free.

Re:

[HermMunster]

I would dispute the "faster" part of your statement, though I would say that it is competent.

Re:ZoneAlarm still exists?

[h4rr4r]

iptables.

Re:

[billcopc]

Anything, really. Windows' built-in firewall does the job for most people. Beyond that, the only option worth considering is a firewall that is completely outside of your desktop PC, e.g. a residential router or small linux box with IPtables. Think of it this way: if your desktop gets a virus/rootkit, any software running on the same machine is also compromised, including the firewall.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[Khyber]

Windows 7 has been rock solid for me, surprisingly.

But I always have a spare MenuetOS USB key for when I want to tinker around.

See ya ZA

[rbochan]

I used to recommend them to residential users. I will not ever again.

Re:

[Mashiki]

I think that was the idea behind this. Or "How to lose your customers in 3 easy steps."

Re:

[Martin Blank]

I stopped recommending ZA a few years back, when they had that stream of critical vulnerabilities. Only recently had I thought about adding them back into the recommendations list since I hadn't seen many major problems in a while. This knocks them back off the list for a couple more years at least.

Trusted

[Psychotria]

Well, they fooled me at first because I've had ZoneAlarm installed for ages and trusted it. After looking through my running processes, registry, etc, and doing a virus scan I suspected something was dodgy because there was no indication of this zeus trojan. It was then I found the big list of complaints on ZoneAlarm's forums. I was a bit annoyed that they wasted my time. Until yesterday when this showed up I had no reason no to trust what ZoneAlarm was telling me. Now, I am not so sure.

Re:Trusted

[Darkness404]

....Because many viruses will try to open up ports so they can send spam, etc.

Re:

[CannonballHead]

Your AV doesn't check your e-mail/downloads automatically?

Re:

[laron]

In the last months, I see more and more malware that does not even require admin permissions. On the plus side, it is of course much easier to clean up an infected user account.

Re:

[TheThiefMaster]

I've since moved to an OS where I don't have to jump through hoops to make sure I'm not running as Admin all the time. Before you jump to any conclusions, I mean Windows 7, though I do run Linux on my media PC.

Jump through hoops?

Windows 7 with an admin account with UAC enabled (default) = Linux with a limited user with sudo permission
Windows 7 with a limited user = Linux with a limited user

If you run as a limited user on 7 then the UAC prompts become admin login prompts, so it's not too hard to actually run as a limited user and still be able to do adminy things if you want. There's not a lot of point though, you might as well just use your admin account, UAC'll make it act as a limited account.

Re:

[0racle]

I hope their security suite is better then their backup tool. Did a test restore with their trial and it was unusable, permissions were all messed up and it was missing a lot of files.

I personally won't recommend any of their products.

ZoneAlarm was backdoored, right?

[equex]

I thought ZoneAlarm got outed for essentially being a backdoor some years ago ? I stopped using it then and never looked back.

Re:

[TheRealMindChild]

Trusting a software firewall is like trusting "The Club (tm)" to protect your car from thieves. Just like ZoneAlarm, once I hit it, I'm hitting the software stack on your machine, and a compromise via 0-day exploit can be made just the same as a car thief using a hacksaw to cut a small hole in your steering wheel and removing "The Club (tm)"

Re:

[FuckingNickName]

And how many such network stack attacks have existed since Win98?

Re:

[TheRealMindChild]

It doesn't need to be the network stack exploited... just ZoneAlarm... the bit you shoehorned between your network connection and the rest of the internet.

Re:ZoneAlarm was backdoored, right?

[Caerdwyn]

CVE-2007-0069

CVE-2007-0069

CVE-2010-1893

Though the last one really doesn't count for ZoneAlarm's intended function, as it's a local privilege escalation.

Reference: http://cve.mitre.org/index.html [mitre.org]
Search terms: Windows kernel tcp/ip

Re:

[Caerdwyn]

fatfingered the first. CVE-2007-0066

Re:

[jgtg32a]

By fat fingered you mean had your mind in the gutter

Re:

[Caerdwyn]

I thought that was part of the axioms and was "taken as read"...

What are you wearing?

Re:

[FuckingNickName]

Poorly implemented management protocols sitting above TCP, UDP or raw IP do not represent the kind of problem which a software firewall cannot deal with because of a bug in the network stack.

N.B. router discovery protocol is not enabled by default in Windows and IGMP will be blocked by default on any sane firewall before packets are acted upon. This is fortunate since several operating systems, including Linux, have suffered from poorly implemented IGMP handling.

Re:

[Lumpy]

What loser thief uses a "hack saw" for that? bolt cutters will go through a steering wheel in less than a second. that kind of speed is important for a car thief. Sawing for 10 minutes is not something anything but a crackhead would do.

Re:

[Martin Blank]

Hacksaw blades with duct tape around one end are much easier to hide than bolt cutters, and it only takes under a minute to go through a steering wheel.

Re:

[PaladinAlpha]

My car got stolen a week ago, so I'm really getting a kick out of this. (No, it really did get stolen.)

Related note. Let's say you lived in a high-risk zone for car thievery, and that you weren't going to be able to afford anything more than like some late 90's economy model car (so, say, no car alarm or GPS), and you really HAD to make sure it didn't get stolen. What would you do? I was actually thinking Club until you people convinced me otherwise *grin* -- any alternate suggestions?

Re:ZoneAlarm was backdoored, right?

[Tanktalus]

Googling for "car colour theft", one of the top hits is an article suggesting painting your car pink [nytimes.com]. Not sure if the cure is worse than the disease, but that's your call to make for your own situation.

Re:

[SydShamino]

The Club works fine provided the car next to yours doesn't have one. It's not about making your car steal proof - it's about making your car slightly-less steal-able than your neighbors'.

Same strategy that makes a barking dog good home security.

You won't get absolute security to prevent losing your car. You could put in an ignition kill switch, but you'd want to find a mechanic that was creative with switch placement or that would be found, too. And the thief won't know about this until after he's broken

Re:

[SydShamino]

Also, don't leave anything in your car, and don't put things in the trunk when you park. Why advertise that you just stuck a laptop in the trunk and then walked into a movie theater? If you're going to put something in the trunk, do it before you drive somewhere, not after you arrive.

Re:

[PaladinAlpha]

Excellent advice, and I now have, I feel, a better grasp of the situation. Thanks :D

Re:

[SydShamino]

If you're carrying something to smash the window and a saw to cut the wheel, why aren't you already carrying a pry bar, too?

Why would you even need a pry bar? To get into the car? Already have something to that. To pop the ignition? Already have something for that, and even if you couldn't do this with a saw (but could with a prybar) how would a rounded-on-all-ends Club help?

Re:

[MachDelta]

Wire a toggle switch to your fuel pump +12v wire and hide it somewhere in the cabin. Preferably not any place it will be bumped/kicked/elbowed. Then get in the habit of switching it off when you get out. Next time some moron tries to jack your ride, all they'll be able to do is kill the battery.

Re:

[toddestan]

Get a manual transmission. Then remove the radio and let the wires dangle out of the dash. Absolutely don't leave anything visible in the car that might be worth stealing. That includes the $1.27 in change in the cup holders. It may even help to empty out the glove box and leave that open too. It may also help to get a less common model of car, as it's the most common cars that are the most desirable as it's easier to fence the parts. Also don't get a higher trim line, because once again the parts are

Re:

[Eivind]

Paint it. Pink with purple stripes, works well, or any other colorscheme far away from metallic-grey. Seriously, it's cheap. It's effective. It makes it a hell of a lot easier to refind your car on the giant parking-lot, and it's zero overhead in your normal daily routine.

Backfire after management change

[flydpnkrtn]

As a poster indicates, ZA was bought out by CheckPoint a few months ago. This scare tactic will probably backfire on them...

Why in the hell did someone at CheckPoint say to themselves "Wait a second... Gestapo style marketing that looks like a phishing scam sounds like a great idea!"

Re:

[ponds]

2004 is more than 'a few months ago'

Re:

[flydpnkrtn]

What's a measly 72 months between friends? :)

Re:

[jopsen]

This scare tactic will probably backfire on them...

Wouldn't that require that their customers knowns the difference between, the ZoneAlarm popup and one of the five other popups provided Symantec, AVG free and Avast... All of which are likely installed and peacefully generating popups at appropriate intervals...
- Seriously, how many tech savvy users runs Windows, sorry I mean... How many tech savvy users runs anti virus software... let alone ZoneAlarm... :)

Re:

[Spad]

Any tech savvy user should be running AV on Windows - and that's not a slight on Windows per se - given the number of vulnerabilities in a wide range of software *cough*Adobe*cough*, exploitable in the browser from "trusted" sites that have been compromised, often with days or weeks without a patch or workaround, it's a very bad idea not to run some form of real-time AV scanner.

The days of "I know what I'm doing, I keep my stuff up-to-date, I don't open unknown attachments, boot from unknown media or visit

Re:

[couchslug]

"This scare tactic will probably backfire on them..."

Easy enough to help that happen.

Geeks are often asked for advice. Telling people software will fuck up their computer tends to get their attention.

Summary is correct

[cerberusss]

The summary is spot on. I haven't been a Windows user for a number of years, but a friend asked me to fix her malware problem and I reinstalled her Windows XP box. For the firewall, I remembered ZoneAlarm from a few years ago and installed it. After the first reboot, some stupid popup appeared, prompting me to "like" the software on Facebook. I'm like WTF? But still gave them the benefit of the doubt. Next reboot it comes up with the totally bogus popup that I may get infected with Zeus. I had to reread it twice to find out it really was an advertisement.

I downloaded Comodo [comodo.com], unplugged the network, uninstalled ZoneAlarm, installed Comodo and plugged back into the inter webs. Never looked back.

I probably will not buy any Check Point software for my business either.

Re:Summary is correct

[Blue Stone]

Yeah, I ditched Zone Alarm for Comodo some time ago after ZA got bought out by Checkpoint. I think it was that the newer post-buy-out versions of the software kept re-ckecking the "automatic updates" option in the preferences and kept giving itself permission to access the internet, despite me explicitly blocking it. Several instances of this and I thought, 'crikey, the new owners are a bit dodgy' and jumped ship to Comodo.

Can't say I'm surprised to see them plumet down the 'sacrifice integrity to serve our bottom line' route. (That's also why I ditched AVG).

Re:

[Martin Blank]

Checkpoint isn't bad, actually. It's just the ZA line that you really need to avoid. Checkpoint itself does well if you don't need advanced features (at least with high performance).

Whats ZoneAlarm?

[NevarMore]

Is it like a frontend for iptables?

Re:Whats ZoneAlarm?

[master0ne]

It used to be a sophisticated light weight feature rich firewall for windows.... it allowed rules and whatnot.... now... its a bloated flaming pile of sh*t sinking with a horrible company that deserves to be put out of business for its questionable marketing practices and horrible customer support.

Re:

[youn]

I thought it was more like a rear end as it's acting like an ass ;)

ZoneAlarm users get what they deserve

[realmolo]

Seriously. What morons are using ZoneAlarm? WHY would you use it, when Windows has had a better firewall since XP, and the Vista/Windows 7 firewall is even better than that?

ZoneAlarm has always been a piece-of-shit.

Re:

[Nimey]

Not always. It was pretty decent back in the 2.x Windows 98 days.

Re:

[Culture20]

Windows has had a better firewall since XP

Try blocking outgoing connections with the XP firewall.

the Vista/Windows 7 firewall is even better than that

This is true. Unfortunately, with its power has come a more difficult interface. Why do I have to click 20 times to enter ~10 IP ranges into the scope list for just one port? Why can't it be a comma delimited text field like before?

Re:

[mysidia]

Try blocking outgoing connections with the XP firewall.

Try upgrading to Windows 7 and using Windows Advanced Firewall instead of a 12-year-old product ? :)

Worrying about blocking outgoing connections with ye' ol' windows XP firewall is kind of like worrying about duplex printing on a 80s/early 90s-era dot matrix printer <G>

Re:

[e065c8515d206cb0e190]

Windows XP is a 12 year old product?

Also, how is age relevant? ipchains/iptables is 12 years old, and supports this very basic functionality.

Re:

[camperslo]

>Windows XP is a 12 year old product?

To avoid interoperability issues between planets and provide protection against unexpected centuries, highly innovative operating systems offer chronometric algorithms based on user-derived hair plus root extraction data. Perhaps you forgot to enable this feature.

Re:ZoneAlarm users get what they deserve

[mysidia]

Linux 2.2 wasn't released until 1999. 12 years ago, we were using a tool you probably never heard of called ipfwadm, and before that ipfw

Linux's firewalling capabilities have always been miles ahead of Windows' built-in firewall capabilities in terms of being functional, flexible, and easier to get to do what you want for the power user.

Windows, ZA, Comodo used to be ahead in terms of usability for the average user.

Linux firewalling capabilities improved a bit over time, they became more powerful and more user friendly (at least for the Linux admin), more capabilities were introduced in the form of modules.

However, Linux firewalling didn't change much --- it's pretty hard for something that is already nearly perfect to evolve.

On the other hand Windows had and still has a lot of ground to cover in regards to improving the firewall.

It is more cumbersome than ever to add firewall rules or exceptions to the Windows firewall. No simple text-based language. No built in rapid CLI-based addition method (have to resort to still a cumbersome GUI to do it).

Re:

[Spad]

http://blogs.technet.com/b/jamesone/archive/2009/02/18/how-to-manage-the-windows-firewall-settings-with-powershell.aspx [technet.com]

Yes, it's just interfacing with the com object, which is a little cumbersome, but given the rate at which MS are adding service-specific Powershell modules, it wouldn't surprise me if there are some proper PS tools for working with the Windows firewall in the near future.

Re:

[TheThiefMaster]

Windows applications will trigger a "do you want to allow this program through the firewall" prompt, easing setup. I haven't seen that on Linux.

You also get independent firewall rules for being connected to different classes of network: domain, work, home, and public. This is invaluable for laptops (which will basically turtle on a public wifi). Again, I don't remember seeing this feature in any Linux distro either.

Re:

[Culture20]

Um, yeah. That was my point. Realmolo said XP firewall was better than ZA. I explained why it isn't, and even pointed out that Win7's was better.

Re:

[psoriac]

Have you actually tried to enable outbound filtering on a home PC? It's terrible.

Re:

[cerberusss]

Try upgrading to Windows 7 and using Windows Advanced Firewall instead of a 12-year-old product ? :)

I haven't used Windows on a day-to-day base since 6-7 years, so I was pretty surprised to learn that as of two years ago, Windows XP was sold pre-installed on systems like the ASUS Eee Box [asus.com]. These are little Intel Atom-driven machines as small as a lunch box. Due to their limited CPU power, they came with Windows XP.

You generally do not update such small boxes to a big OS like Windows 7, it will probably run dog-slow while the preinstall is working pretty smoothly. So I agree with your general sentiment, but

Re:

[JayGuerette]

WHY would you use it, when Windows has had a better firewall since XP, and the Vista/Windows 7 firewall is even better than that?

Why? Simple: because the Windows firewalls have a built-in white-list. That completely removes it from my consideration. I'd argue that 'firewall' is not even applicable to that service.

Re:

[TheThiefMaster]

Would you prefer a blacklist?

Re:

[MMC Monster]

Seriously. What morons are using ZoneAlarm?

You know that person you told to use Zone Alarm 8 years ago? He's been upgrading since then and telling all his friends that his computer expert friend told him Zone Alarm is great.

Sucks to be us.

Re:

[cyclomedia]

Indeed but surely I'm not the only slashdotter who has the firewall turned off and no av/scanning software installed at all?

The trick is to not use any MS software except for windows (XP) itself (currently on Chrome, Thunderbird, OpenOffice) but keep Automatic Updates turned on (though that requires a Legit copy of XP...) and not to have friends who are likely to email you screensavers. Not had any problems in years (last incident was an unpatched 2000 box that was pwned within minutes of going online). Cue

ZA -- good but time passed it by

[mlts]

I remember ZA being decent, especially the registered version. However, there isn't a need for it anymore, just like there isn't a need for QEMM-like packages for new equipment. Windows 7 has a decent built in firewall to keep things out [1], and for antivirus protection, Microsoft Security Essentials is a download away and licensed at no charge.

[1]: If a compromised app is trying to phone home, the battle is lost when it comes to host security. So having a firewall popping up Allow/Deny dialogs is pointless on post-XP Windows versions because of the amount of false positives generated.

Re:

[Altrag]

Which is why most firewall software has a "always do this" option of some sort. The first week or so after you install a new firewall program generally sucks, but after that you've usually got most of your "real" apps marked off and things go pretty smoothly from there on.

Of course for some people, a week worth of always clicking "Allow" is enough to train them badly forever.. but there's only so much that can be done :P.

Re:

[Ecuador]

just like there isn't a need for QEMM-like packages for new equipment.

What do you mean? Is there another way for new equipment to make 610kb+ of base RAM available to play Sensible Soccer?

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[mlts]

If a user is using XP, even XP's outgoing firewall is decent. These days, the only real niche for ZA is Windows 2000 and earlier, operating systems with no intrusion protection from incoming network attacks.

Other than the edge/corner cases of embedded equipment running Windows 95/98/ME/NT/2000, people who still have HP Journadas or other portable items that run a way backlevel version of the OS, and maybe someone running old applications on a VM with this old an OS, I just don't see any point for ZA as a s

Anyone know a decent software "firewall"?

[Anonymous Coward]

I used to use Kerio in the WinXP days, but it doesn't cooperate with Win7 x64.

Requirements:
1) Rule-based. I want to permit/deny network traffic to certain apps. 2) Option of "PermitTraffic/AllowTraffic" and "LogTraffic/IgnoreTraffic" as independent settings. (e.g., I want to allow logging of permitted applications' traffic, as well as denied apps' failed attempts, and after looking at the logs, decide whether or not I want to bother logging it.)
3) Accurately figure out which app is actually responsible for denied traffic. (Looking at you, PrivateFirewall 7.0, which never actually says that it's the Windows Update client that's legitimately trying to access some random Akamaized download site.)

I tried the built-in Windows firewall, but it was difficult/cumbersome to set up in default-deny mode, and when I did, I couldn't easily find out which app was causing the denied traffic. (e.g. is it some game that phones home on the first attempt to register/activate, or is it some bullshit Games For Windows Live client that has no need to be used in a single-player game?)

Thanks to PrefBar for one-click Javashit and Flash toggling, a non-Adobe PDF reader, an ad-blocking local proxy, and the equivalent of a decent-sized ad-blocking HOSTS file implemented in the external router, I've never actually been hit with malware, so I'm more interested in monitoring unsolicited outbound traffic than worrying about inbound traffic. Likewise, I'm more interested in legitimate apps rather than malware that could trivially disable the software "firewall". Given that sort of environment, what's the current best practice for software "firewalls"?

Re:

[mlts]

That is exactly how to do security these days. Running a capable browser with Adblock, Foxit for PDF reading, keep add-ons like Quicktime and Flash updated if one uses them. Just Adblock alone gets rid of the dodgy ad sites, some of which allow third party advertisers to try to use bugs in add-ons as a vector for compromise.

Hardware firewall first to protect machines from incoming network attacks. Second are filtering the ad sites which will happily slap drive-by malware on people's machines. Third, fil

Re:

[Martin Blank]

Kerio's firewall was picked up by Sunbelt, which has been promising a 64-bit version for some time but has yet to deliver.

Actually, looking at their forums, they just posted a couple of days ago that the new 64-bit version of VIPRE (their AV software) includes a firewall. VIPRE is pretty good and has low resource utilization. I've got Nod32 at home, and it was a toss-up on which to go with, but Nod32 had a slightly higher percentage of malware caught in a test at the time, so I went with that. (Nod32 has

Zounds! ZoneAlarm zealous about Zeus.Zbot?

[Culture20]

Whatever happened to alliteration in article titles?

I stopped using that crap...

[TavisJohn]

When they basically refused to support Windows 7. I have sense replace the firewall on ALL my machines (including my XP machines) with PC Tools Firewall Plus. It is free, and provides better protection than Zone Alarm.

Re:

[Ecuador]

What's wrong with simply using the Windows 7 firewall? Maybe ZoneAlarm did not support Win 7 because they know there is already a better firewall included...

Re:

[TheThiefMaster]

The built in firewall allows apps to give themselves permission to access the internet. So that means that spyware and other crap that a firewall is supposed to block... Can give itself permission to go online.

Only if the app is allowed to run as admin. And if it's running as admin, you're hosed anyway.

"customers"

[Necron69]

I don't think that word means what TFA's author thinks it means.

- Necron69

List of free Windows firewalls

[Aryeh Goretsky]

Hello,

Below is a list of free application software firewalls I put together a while ago. Not sure if they are all current, and I am probably missing quite a few, but it is a starting point.

Firewalls
Active Network [lanctrl.com] - Active Wall Free Edition [lanctrl.com]
Agnitum [agnitum.com] - Outpost Firewall Free [agnitum.com]
AS3 Soft4U [xthost.info] - AS3 Personal Firewall [slashdot.org]
Ashampoo [ashampoo.com] - Ashampoo Firewall Free [ashampoo.com]
Comodo Group [comodo.com] - Comodo Firewall (now a part of Comodo Internet Security [comodo.com])
FilSecLab [filseclab.com] - Filseclab Personal Firewall Professional Edition [filseclab.com]
Group 4 Business Intelligence [g4bi.com] - IDNWebShield [idnwebshield.com] (main web site down when last checked)
NetVeda [netveda.com] - NetVeda SafetyNet [netveda.com]
PC Tools [pctools.com] - PC Tools Firewall Plus Free Edition [pctools.com]
PrivacyWare [privacyware.com] - Privatefirewall [privacyware.com]
SecurePoint [securepoint.cc] - Securepoint Personal Firewall & VPN Client [cnet.com] - (discontinued?)
SoftPerfect [softperfect.com] - SoftPerfect Personal Firewall [softperfect.com]
Tall Emu [tallemu.com] - Online Armor Free [tallemu.com] - (acquired by EmsiSoft?)
WIPFW Project [sourceforge.net] - WIPFW [sourceforge.net] - (port of BSD IPFW)

Firewall Managers
GT Delphi Components [gtdelphicomponents.gr] - Windows Firewall Ports & Applications Manager [gtdelphicomponents.gr] (WFWPAM)
Sheesley, Eric [shadowlair.com] - XPFiremon [shadowlair.com]

Hopefully, this is of help.

Regards,

Aryeh Goretsky

not much different from "security scan"

[roc97007]

"We have met the enemy, and he is us."

I stopped using zone alarm a long time ago.

But besides all that, I've noticed that just about everything you download these days also tries to install (besides Yahoo Toolbar) a free copy of -some-name-brand- Security Scan, which appears to be nothing more than an advertisement for the company's non-free antivirus package. It really seems like the antivirus people are more and more adopting the same business model as the scareware vendors from which they purport to

PC-based firewall software is all garbage

[jonwil]

If you are on a small network, get a router with a built-in firewall (even a home all-in-one broadband router is good enough for this)
If you are on a larger network, get a proper firewall (e.g CISCO PIX)

And in all cases, run a GOOD anti-virus (that means something OTHER than Norton or McAfee) and keep all your software patched.

If you DO feel the need to run a firewall e.g. if you are connecting over wireless broadband (where you cant put a hardware firewall between you and the network) or if you are on coff

Two answers

[cheros]

If you absolutely have to continue suffering the worst computing experience possible, get at least Kaspersky. It works, not too much overhead and doesn't use incomprehensible blinky tray icons that won't tell you anything useful (yes, Norton, that is you).

Otherwise, enough already. I'm very weary of anything that has a complete cult as supporters, but as I also use Linux I figured I ought to try a Mac as well. I'm still not a fanboy, but I can recommend it, if only to experience what computing ought to b

Re:Inundated?

[flydpnkrtn]

There are posts that reference other threads where this was "already posted," but clicking those links leads you to a vBulletin "No thread specified" page. Presumably ZA has been deleting threads....

See http://forums.zonealarm.com/showpost.php?p=283423 [zonealarm.com] and http://forums.zonealarm.com/showpost.php?p=283420 [zonealarm.com] for example posts... both those posts reference a nonexistent thread.

Damage control maybe?

Re:

[ElKry]

Feels like thread merging to me.

Re:

[lgftsa]

They're also editing people's posts under their "terms of use" policy. Mostly it's removing the names of other firewall products, but there's a couple by the main editor "GeorgeV" with no indication of why the edit was made or any placemarker to show where it was made.

Ah, and there's also some posts which have entirely disappeared. Since the unique post ID is common to the entire forum it's hard to detect, and the #x post counter on the right is dynamically generated when the thread is displayed. I did see

Re:

[fbjon]

As I understand it, this popup is to get people to upgrade to a paid version. In other words, those who get the popup haven't paid, and are thus not actually customers. That's what I imagine the company must be thinking, if they are as stupid as I think they must be.

Re:

[couchslug]

"I swear Bill Gates could come to my house and hit my balls with a hammer for all the harm it would do."

I, for one, find that idea vaguely arousing.

Re:

[NetNed]

I'd say with Vista and 7 the firewall is good enough that you don't have to use a third party software. The XP firewall is very basic and only monitored (controlled) incoming traffic. So If you got something nasty on your system it would do nothing to stop it from phoning home. 7 and Vista can monitor outbound traffic also so that alone make them much better solutions. 7's firewall goes even farther then vista's giving the user ability to configure multiple policies for different environments, nice for a no