But, reserved special thanks to Paul Terry [and others concurring], for
going well beyond the call and, more importantly, ultimately nailing the
reason for my DNS unpredictability... And while other subtle tweaks
may've helped [e.g. setting the DNS connections for defined addresses
rather than auto select] it was, it seems - judging by surfing
efficiency this past 24 hours - subsequently down to ZoneAlarm fumbling
with my connection attempts.
[Insert big sigh of relief here]
Thanks all! :)
--
Will Gortoa
Running: OS-XP Pro/2.9GHZ processor/2GB memory/160GB hard drive/Demon
HomeOffice 2+ through SpeedTouch ST546v6 wired router/Turnpike 6.05S mail-
news reader.
>ZoneAlarm fumbling
>with my connection attempts.
In my experience ZoneAlarm has caused many problems. I stopped using
ZA and removed it from all my systems years ago. My router firewall
works with no additional software.. IMO, anyone who needs to monitor
outgoing connections should find an alternative to ZoneAlarm.
Steve
--
Neural Planner Software Ltd www.NPSL1.com
Neural network applications, help and support.
>On Thu, 10 Dec 2009 16:01:03 +0000, Will Gortoa
><|||TheHipBlueBirdHouse|||@nospam.demon.co.uk> wrote:
>
>>ZoneAlarm fumbling
>>with my connection attempts.
>
>In my experience ZoneAlarm has caused many problems. I stopped using
>ZA and removed it from all my systems years ago. My router firewall
>works with no additional software.. IMO, anyone who needs to monitor
>outgoing connections should find an alternative to ZoneAlarm.
Well, given its rather peculiar behaviour here this past couple of
weeks, I'd be inclined to agree! I'm just pleased that it eventually
threw up some kind of message to out itself as the potential culprit!
>But, reserved special thanks to Paul Terry [and others concurring], for
>going well beyond the call and, more importantly, ultimately nailing the
>reason for my DNS unpredictability... And while other subtle tweaks
>may've helped [e.g. setting the DNS connections for defined addresses
>rather than auto select] it was, it seems - judging by surfing
>efficiency this past 24 hours - subsequently down to ZoneAlarm fumbling
>with my connection attempts.
Glad to have helped. Years ago I would probably have asked earlier if
you use ZoneAlarm, but it has now thankfully faded from the memory. It
was only when it revealed itself that my antennae started to twitch.
Like Steve, it's not software that I'd let loose on my own network due
to a long history of causing connection problems.
--
Paul Terry
We use Zone Alarm at work, and it causes no end of problems. "Avoid like the
plague" would be my advice. On a home network, with a router between you and
"the world", I really see no need for a separate firewall; the router does a
perfectly adequate job. That plus the basic Windows firewall should keep you
safe enough.
Cheers,
Chris
Unlike ZoneAlarm what a router does not generally do is keep a check
on outgoing traffic although it isn't going to help itself if ZA
screws up legitimate access.
>Unlike ZoneAlarm what a router does not generally do is keep a check
>on outgoing traffic although it isn't going to help itself if ZA
>screws up legitimate access.
Routers can often be configured to block traffic in either direction.
>On Thu, 10 Dec 2009 21:23:16 +0000, Charles Ellson
><cha...@ellson.demon.co.uk> wrote:
>
>>Unlike ZoneAlarm what a router does not generally do is keep a check
>>on outgoing traffic although it isn't going to help itself if ZA
>>screws up legitimate access.
>
>Routers can often be configured to block traffic in either direction.
>
Thus allowing both legitimate and illegitimate traffic out over the
same route ?
If as I do, you have any Win2k (or earlier?) PC's on a LAN behind a NAT
router, then OK you're still "protected" from the web by the firewall
action of the router.
But.... If you have other family members with their PC's on the same
LAN, and one of them get's hit by something (unless you have full
content filtering, and even that doesnt stop everything) as a result of
a legitimate request from it to a malicious web page for example...
Then, any unprotected (no firewall) PC's on the LAN could become easy
targets for whatever one of the kid's PC got.
(or as in my case, something my girlfriends PC got infested with!)
Of course, I could hide all my old stuff behind yet another router if
needed, taking care to correctly seperate the two address schemes.
Also, in the case of XP, if you want to use ZA, turn off XP's own
firewall, and let ZA do the full job.
I have had ZA problems in the past, but 90% of them turned out to be of
my own making, messing with network settings on the router etc,
resulting in ZA's internal records becoming out of date, and it then
blocking local traffic it should have let past. The other 10%, I
suspect were as a result of an update not sticking, or messing up other
settings. Rebooting usualy fixed things.
For most people, even behind a NAT router, if there is more than one PC
on the inside of the router, that is used to crawl the web etc, best use
some sort of firewal on the other(s), XP's is "good enough", but there
are others of course.
There is also a good webpage here:-
http://homepages.wmich.edu/~mchugha/w2kfirewall.htm
that shows how to construct your own firewalling rules on Win2k for
example. Fiddly to get right, but it does work. (Too well at times,
so ZA is not alone in blocking odd things it otherwise shouldnt at
times!)
I do not know if ME and earlier 9x support such meddlings.
I've no experience in this respect with Linux, or MAC, but I've read
that most Linux's are fairly configurable in this respect.
Regards.
Dave B.