A question about firewalls

  nkosi 17:25 10 Dec 2004

I have a broadband modem router with a hardware firewall. I have two computers networked wirelessly behind it. They both also have Zone Alarm installed. ZA doesn't allow the computers to see each other so I disable it when I need to network. ZA is not happy being used like this and when re-enabled sometimes won't allow me to access the internet unless I reduce the security setting to medium. Sometimes it goes into this sulk when just ignored for an hour or two. (I originally thought it was my router dropping the connection, so this might be something to check if you are having connection-dropping problems).

Is the general opinion here that the hardware firewall is sufficient? Is it safe to put ZA out of it's misery and uninstall? I have all the usual AV and spyware protection running and up-to-date. I'd appreciate your comments.

  Modo 17:52 10 Dec 2004

Just configure Zone Alarms properly - it won't bite!!!

Got to the Fireall settings and then zones and enter the addresses including the ap that you want the Firewall to let through.

Then take a look at Program Control Program tab. Make sure you have a tick in the right boxes. Make sure that Generic Host Process for Windows has access as well as your Firewall - but preferably not server access otherwise the likes of Norton take over the computer. It is also how you stop Real F.... Player invading!!

If you want a safe easy way of doing all this uninstall and reload ZA. It will then prompt you to accept or deny all the connections including your wirelessly linked computers.

  Kegger 17:53 10 Dec 2004

Hi Nkosi,
why do you turn off ZA when connecting to your local LAN? why dont you add the LAN range to the firewall and make it a trusted site that way ZA will stop grumbling. I too have a hardwall firewall , but i still have ZA on all machines on both wireless and hard wired units. by making it a trusted range ( 253)behind the firewall everything works fine.

  ACOLYTE 17:57 10 Dec 2004

you only need a firewall on the host PC if you really wont to add to client ones then OK ,but it isn't necessary.

  anniel 18:19 10 Dec 2004

Husband and I are networked wirelessly with Homechoice 1MB and yet it seems to me the connection is as slow as the second coming.

I have Sygate free firewall, only because I read it was superior to ZA. Husband has ZA and as he is very conservative won't let me install Sygate on his PC.

Is it likely there is any conflict between these 2 firewalls on our PCs.

I am not the sharpest knife in the box technically speaking and so I ask the question.

Is there anything to be done to speed up a wireless connection?

We both have Windows XP, a Netgear wireless access point (WRG614 54Mbps 2.4 GHz 802.11g) plus wireless adapters fitted to each PC.

  ACOLYTE 18:36 10 Dec 2004

IMO, sygate is better than ZA for ICS and networking but as i say IMO,you only
need firewall on the pc that connects to net,you can still use the windows firewall, on other pc witch is more than adaquate IMO as it still blocks/asks what to let net accsess.If you have 2 firewalls then there is a better chance of confusion between the pair,one could say ok let "this" connect the other may disagree,the main point is the pc that is host has last word if set up right nothing comes in or out without going through it even if the client says its ok the host needs to say to say "ok" as well.

  nkosi 19:10 10 Dec 2004

Thanks for all the advice. It sounds like you consider it's a good idea to keep ZA but, as Modo says, I should configure it properly. Not sure about entering all the addresses I want it to allow through. I'm sure you don't mean individual urls! I'd better go through all the settings carefully.

Kegger - I hadn't thought of doing that, I'm new at networking, sounds like a good idea.

Acolyte - both PCs connect wirelessly to the ADSL router, so neither is a host PC, so ZA is set up independently on both.

anniel - I have a 1Mb broadband connection with BTYahoo and the connection speed is extremely fast. If your wireless network is set up correctly it should not be any slower than through a standard broadband modem.

  nkosi 19:52 10 Dec 2004

I've followed Modo's and Kegger's advice and configured ZA properly. My network is now in the trusted zone and I don't have to disable ZA to access it. The Generic Host process is configured correctly. So I guess I'm pretty well firewalled up to to the brim. Many thanks.

  fourjays 21:31 10 Dec 2004

I don't have any software firewall as such. I just have my route hardware firewall, and the default XP SP2 one. These are enough for me.

I was told by someone in here once (I had great difficulty with my network when I had NIS and my router firewalls on), that if you have a hardware firewall, you don't really need a software firewall.

  nkosi 22:11 10 Dec 2004

Yes, I have heard that a hardware firewall negates the need for a software one, but I don't understand how it works! However, a software firewall also alerts you to programs calling out. It can prevent any malicious programs that do get through from calling home.

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

WPA2 hack: How secure is your Wi-Fi?

Microsoft Surface Book 2 hands-on review – bigger and 5x faster

Best kids apps for iPhone & iPad

Que faire si son iPhone ou iPad est tombé dans de l'eau ?