Help! - The Firewall is talking to me
 

Understanding what its doing

ZoneAlarm is active at all times. It is important to remember that when the firewall is active, any attack will only be successful if you have authorized it.

 

The most likely reason you are reading this is because a ZoneAlarm message has appeared informing you that, either the internet is trying to access your system, or, more likely (because we have a primary firewall in the router to prevent inbound access), that a program on your system is trying to access the internet.

 

You have two options, to allow or deny the access. If this is a valid access attempt and is likely to happen on a regular basis, you can also inform the firewall to remember the reply you have given so that you will not be asked in future. For example, when the Norton anti-virus was installed, and first attempted to access the Internet for an update, an alarm was raised. Access for this program was allowed and the firewall told to remember this reply. So now each time the Liveupdate in Norton executes you are not given any more alerts. With me so far... 

 

You may feel that it would always seem ok to allow access from the machine you are working on to the Internet. Not so. This is in fact an easy way to download unwanted software, and thus render the computer to other forms of malicious attacks. Consider a download of a piece of 'free' software; even something as benign as a screensaver package, that is an executable. An unscrupulous provider has 'tagged' into the download an additional download that occurs when the saver program is installed. When you run the executable to unpack the screen saver, the extra installer accesses the Internet to download another package, probably Adware that has been used to pay for the original 'free' package. ZoneAlarm will alert you that a program on your machine wants to access the Internet. Should you let it? If you do you are opening the system to all sorts of further attacks.

 

As you can see from this scenario, any virus or unwanted software, or malware is entirely down to the user. You chose to download the software in the first place, and further you chose to allow the secondary access. Even worse, if you told the firewall to remember the 'allow access' setting, such automatic applications could be re-applying many different things to your system either, each time it loads, or, periodically on a timer basis, without you even realizing where its occurring.

 

So .. what should you do?

 

If in any doubt

Deny access

and ...

Never, ever inform the firewall to remember an 'allow access' without consulting Samy or Mike.

 

 

Problems with Access being denied to valid requests.

The general instructions above, are to ensure you are secured from unauthorized software attacks. However, problems can sometimes occur when you deny access to a valid option. For example, denying access to Mail programs can stop you from downloading mail. If you think you have done this, one way to find out is to right click on the Zonealarm icon on the bottom right of the screen, and on the options displayed, select 'shutdown Zonealarm'. Then retry the function. If it works, then you have a deny request held in the Zonealarm database for this program.

 

To correct this,

Restart the Zonealarm package

      Click on the Start button

      On the Options displayed, click on 'Programs'

      On the Options displayed, click on 'Earls court - Internet Problems'

      On the Options displayed, click on 'Diagnostics - Firewall security'

Right click on the Zonealarm icon on the bottom right of the screen, and on the options displayed, select 'Restore Zonealarm Control center'.

On the control centre screen, In the List of options available on the left hand side of the screen, click on the 'Program control' option.

On the Program control screen, click on the 'Programs' tab.

In the List on programs affected, Right click on the program affected, i.e. mail in this example, and on the options displayed, click on delete. This will remove the restriction for this program from the firewall. Next time you try it, the firewall will again ask for access. This time do not deny the access. You should now be ok.