Quote:
Originally posted by pgs92109
Seriously though, I am curious why ZA blocks primary WPNP access even when I have checked the boxes within ZA to 'allow WinMX 3.22 to access the internet' and to 'allow my computer (via WinMX 3.22) to act as a server.'
|
this is because zonealarm blocks
all udp protocol access, both inbound and outbound, which wpnp uses for many things. this causes zonealarm to conflict with other programs, notably blubster, and generally causes people to blame blubster instead of zonealarm - after all, they've had zonealarm and its so-called 'hacker protection' for ages, and it's never messed anything up before, so it must just be a flaw in blubster.
i'm now provoked into one of my zonealarm rants.. ah well, i suppose it needed to be said.
zonealarm, even on its highest setting,
provides no protection from inbound attacks. sure, it tells you when someone tries to connect to a port that isn't open, but that doesn't help anything.
for example, i could try to connect to your computer's port 12345.
if zonealarm wasn't running, i'd send a request, windows would pick it up, and send a response saying 'go away, there's no program listening on port 12345'.
if zonealarm is running, it reports an 'intrusion attempt' on port 12345, and then doesn't respond at all, causing the requester to wait until the connection times out before knowing that it has failed.
zonealarm breaks the tcp/ip protocol to make it seem to its users that it is protecting them from something, when really it isn't at all.
i used to run zonealarm, until i figured this out - the thing is just snake oil, and wants you to pay to upgrade to the pro version.
yet people queue up to defend zonealarm. they say it's not the meaningless blocking of port accesses which could never be used for something malicious or the insane blocking of entire internet communication protocols that they use it for, it's to make sure that no program they don't want to access the internet can do so behind their backs.
if that's why you use it, you need to get to know what your computer is doing better. in my experience, many zonealarm users
click yes to everything it asks them, and then sit back and rejoice in their safeness from these evil people called hackers. as someone once said, 'a false sense of security is worse than no security at all'.
zonealarm asks once if a program can be a client, then a server. it gives no other information, and once permission is given for a session the program can do
anything that it wants. on top of that, ie automatically granted permission to always access the internet by zonealarm - you can send someone a program which runs 'explorer http://[your ip]:[a port you're listening on]/[passwords, installed programs or whatever else someone might care to know]' in a hidden window, and the data has just escaped from their computer
without zonealarm doing a thing.
if you want to be properly secure:
- use msconfig (or whatever) to take unwanted programs from your startup, and check it after you install something new.
- use something like
prcview to see all the programs running on your computer when you want to.
- run netstat -an at a dos prompt or its windows equivalent,
tcpview, to see which ports your computer is listening or sending data on.
it might be a little controversial, but i'd recommend everyone does the same as i have - that is, uninstall zonealarm completely.
knowing what your computer is doing is the only way to ever be truly secure - using some 'magic', badly programmed software firewall is only going to fix very little (if anything) and break a lot more.
end of excessively long rant.