OT: Computer Firewall

[George M]

Trying to emerge from the stone age and upgrade/learn about my computer and protect it the best I can. Thanks to all that have helped me in this process. I have just installed basic ZoneAlarm freeware on my PC in a effort to put up at least at least a basic firewall. When starting the program and going on line, the ZoneAlarm software prompts me for access. One blurb I get is whether I should grant "ClientSideProxy.exe access to the internet?"
Could one of the many computer literate members of this board explain what this is? Also, any general tips about how to set up the firewall to stave off unwanted hackers?
Thanks,
George

[sbcncsu]

Trying to emerge from the stone age and upgrade/learn about my computer and protect it the best I can. Thanks to all that have helped me in this process. I have just installed basic ZoneAlarm freeware on my PC in a effort to put up at least at least a basic firewall. When starting the program and going on line, the ZoneAlarm software prompts me for access. One blurb I get is whether I should grant "ClientSideProxy.exe access to the internet?"
Could one of the many computer literate members of this board explain what this is? Also, any general tips about how to set up the firewall to stave off unwanted hackers?
Thanks,
George

George,

I have been using Zonealarm for a couple of years. To answer your last question first, just by having Zonealarm installed and active, you are staving off unwanted hackers, that is what it does. It monitors the ports on your computer (TCP/IP Ports, not serial usb parallel etc...) and blocks traffic except to those programs and applications that you have granted access.

You need to identify the program "ClientSideProxy.exe" and what it is. Do a search for it on you hard drive and determine if it is part of an application like Norton Antivirus, McAfee or some other trusted program. If it is trusted, grant it access to the internet. If it cannot be identified, deny access.

Each program will have an entry under the "Program Control" tab on ZA. There you can grant or deny access or, as in the case of some e-mail programs, set it to act as a server.

You are on the right path by installing ZA. I have been very happy with the free version and am contemplating upgrading to Pro.

HTH,

[MicahO]

I'll have to let others comment on the ZoneAlarm config - but my basic recommendation for anyone with a high-speed line (either DSL or Cable modem or other high speed connectivity) is to buy a hardware device and use it!

Personally I feel that Zone Alarm or similar programs sit too close to the data to be effective at stopping problems. A hardware device, be it a well-configured filtering router or a simple firewall, prevents most malware from even getting to the PC. Logically speaking, by the time something bad gets intercepted by Zone Alarm, it's already standing in the doorway. I'd rather keep the front door shut.

Basic hardware firewalls from NetGear or Linksys can be had for $50 or $60 bucks, require little configuration out of the box, and require much less tinkering than a software-based 'firewall.' After that is in place, you can work to complete the defense-in-depth with regular Windows Update visits, an active and religiously updated Anti-Virus program set to scan everything, and possibly a decent spam killer. After that, and depending on how far you want to go, you can then look at something like Zone Alarm.

0.02, won't buy much gas......

--Micah

[MicahO]

One other note on that - The machine(s) being protected by any firewall device must be clean to start, before the protective fences are built. Building protection around an infected PC that can invite unwanted guests won't work. So as Scott was saying - identify items like "clientsideproxy.exe" and ensure that the machine is clean before any further steps are taken.


--Micah

[RobPatt]

I have cable broadband.... IF I download, I v-scan. I leave winipcfg running (Win98SE). When I want on the 'net, I just click and renew my IP address. When I'm done, I just click "Release". I'm figuring no IP = no problem. Or are there holes/flaws/weaknessess in winipcfg?

Rob sends....

One other note on that - The machine(s) being protected by any firewall device must be clean to start, before the protective fences are built. Building protection around an infected PC that can invite unwanted guests won't work. So as Scott was saying - identify items like "clientsideproxy.exe" and ensure that the machine is clean before any further steps are taken.


--Micah

[MicahO]

The machine is still unprotected when you are connected and active. Most worms will not reveal their activity until the damage is done, and may not reveal themselves after either. A system like this is also prone to forgetfulness, or dinner breaks, etc. Generally speaking, it's only a good solution if you're never online and never have an IP address.

I have cable broadband.... IF I download, I v-scan. I leave winipcfg running (Win98SE). When I want on the 'net, I just click and renew my IP address. When I'm done, I just click "Release". I'm figuring no IP = no problem. Or are there holes/flaws/weaknessess in winipcfg?

Rob sends....

[Jeff C]

I am running zonealarm PLUS have a hardware firewall - a linksys router. The guys at linksys assure me that I can remove the zonealarm but I leave it in place to control some of the information that goes out.

Maybe I am paranoid but when I start some programs they try to connect to the net immediately for no apparent reason, secondly when installing new programs off the net sometimes there is spyware that the router would let accesss the net but zone alarm would stop.

Having said all that when I was using a P2P program and granted it access it allowed virus files in as well as spybot type programs - needed to use antivirus and SPYBOT to remove them. I guess my point is no one solution is totally comprehensive if you do a lot of surfing/downloading.

YMMV

jeff

PS how's that new 330 workin?

[George M]

after do a hard drive search as suggested by sbcncsu above...thanks...and also doing an on-line search...clientsideproxy is related to the MSN acclerator I have on my computer. To accelerate web speed for my dial up, I need to set my ZoneAlarm to accept clientsideproxy internet access.
Here is a web accelerator thread I found that sheds some light:
http://www.sti.net/s-accelenet-faq.html#11

Thanks to all for the above discussion...good stuff and enlightening I am sure to many....certainly to me.
George

[Bill R.]

found a couple of weeks ago were all directly attributed to programs I had downloaded p2p through kazaa, nobody to blame but myself...didn't scan them well enough after downloading...didn't find them with norton and mcafee on a routine scan... only nod32 found them right away after I installed it....

I am running zonealarm PLUS have a hardware firewall - a linksys router. The guys at linksys assure me that I can remove the zonealarm but I leave it in place to control some of the information that goes out.

Maybe I am paranoid but when I start some programs they try to connect to the net immediately for no apparent reason, secondly when installing new programs off the net sometimes there is spyware that the router would let accesss the net but zone alarm would stop.

Having said all that when I was using a P2P program and granted it access it allowed virus files in as well as spybot type programs - needed to use antivirus and SPYBOT to remove them. I guess my point is no one solution is totally comprehensive if you do a lot of surfing/downloading.

YMMV

jeff

PS how's that new 330 workin?

[Derek A.]

Go on ebay and buy a hardware firewall. Netgear, Linksys are good brands. If you have an old PC floating around and are feeling adventurous you can use a linux based router such as Freesco @ www.freesco.org.