Firewalls

:FI:TacticalS! · Post by **:FI:TacticalS!** » Wed Jan 24, 2007 4:44 pm

I have been using ZoneAlarm Security Suite for almost a year. ZA has provided my only firewall as my PC is directly been connected to a cable modem that does not have any firewall protection (XP firewall has been disabled).

When I play games offline I would routinely click a button on the cable modem that severs my Internet connection, and then proceed to shutdown the ZA suite and other certain processes before launching the game.

Recently I switched to Vonage (VOIP telephone service). Now my setup includes a Motorola cable router (VT2442) that allows me to connect my PC, telephone and Xbox 360 to the device, which is then connected to my original cable modem. I would still like to close down ZA when gaming offline, but hitting the switch on my original modem would obviously disconnect the phone (wife says that's bad).

So for my first question: Is it safe to shutdown my ZA suite to game offline given the firewall protection of my new router? This is based on the assumption that there are no viruses, etc on my PC beforehand of course, and that I don't jump online during my gaming session. With the new router I notice that there are no longer any external hits to ZA's firewall.

My second question: I also of course want to continue hosting Historic Encounters. Would it be a reasonable thing to shutdown ZA and use only the router's firewall for these sessions? Though I'm completely new to routers, I realize it will need to be setup (i.e., port forward) properly in order to work.

I would appreciate folks knowledgeable and experienced in these sorts of situations to kindly provide me some insight with regard to the security risks. I understand (I think) how to actually set it up.

TS!

Post by **:FI:Gurberly** » Wed Jan 24, 2007 7:02 pm

Nat router only blocks outside access to inside the network. With ZA enabled you are also configuring what applications can venture out into the big wide world. e.g. if some errant software/keylogger was to install itself somewhere it would still have to negotiate with ZA for permission to talk outside before passing over your bank account details. The router would just let it straight through.

Leave it on, or buy the wife a mobile

With the router and port forwarding you'll need to assign the PC a permanent IP address so the router knows where to route those little electron thingies

G

:FI:Sneaky_Russian · Post by **:FI:Sneaky_Russian** » Wed Jan 24, 2007 8:05 pm

Right click ZA in tool tray and sellect "Game Mode". I think it's new with last update- dont remember seeing it before last week anyhow!

engage ZA "internet lock" when gaming offline

:FI:TacticalS! · Post by **:FI:TacticalS!** » Wed Jan 24, 2007 8:12 pm

Thanks for your respond Garth! As I said routers, and the technology surrounding them, are completely new to me mate.

I have read your response, and have re-read my initial post. I may not have been clear. My Vonage NAT router also has a firewall built-in. Here is a manual for this model if you care to take a quick look.

Does this make a difference Gurberly? Could I safely shutdown ZA, especially when not hosting, and even when hosting (assuming my system is clean)? Won't the hardware firewall provide adequate protection? Or are you saying I need as much protection as possible, especially since I'm playing with those unclean :FI: Yanks.

I do understand the benefit of having a software firewall and hardware one to catch potential threats travelling in both directions. Fully intend to keep ZA running under normal Internet use. Just wondering if this is necessary under the two situations I mentioned. And please give me your honest opinion - don't let me try to sweet talk you into saying its fine. (please say its fine, please! [-o< )

TS!

:FI:TacticalS! · Post by **:FI:TacticalS!** » Wed Jan 24, 2007 8:15 pm

:FI:Sneaky_Russian wrote:Right click ZA in tool tray and sellect "Game Mode". I think it's new with last update- dont remember seeing it before last week anyhow!

engage ZA "internet lock" when gaming offline

Interesting. I will take a look. However, I would ideally like to kill ZA completely if it is safe. Wonder what this "Game Mode" thingy does? Need to do some research me thinks.

Post by **:FI:Gurberly** » Wed Jan 24, 2007 9:25 pm

Couple of links for more background stuff

http://kalsey.com/2003/10/nat_is_not_a_firewall/" onclick="window.open(this.href);return false;

http://www.practicallynetworked.com/sha ... rewall.htm" onclick="window.open(this.href);return false;

Nat routers drop or don't allow packets from outside that it does not recognise as requests as originating from inside the network. Hence it has some features akin to a firewall. Which in marketing speak means it is a firewall. In the same way as a car is a car beacause it has four wheels and doors. The fact that it does not have an engine makes it no less of a car in the marketing sense, after all if it looks like a car and does some of the things a car does it is a car where everyone really knows that a car without and engine is in fact a glider, albeit one without wings.

I'm assuming this is a standard Nat router, the details in the manual are a bit thin. The only firewall configuration is that it has an on/off check box. which may or may not actually do anything anyway.

Personally I would keep it running. As Sneak says, if you really want to lock it, hit the lock button....anyway, surely you are not going to be gaming online when "her indoors" is on the internet phoney thingy. Imagine the packet interference!!!

G

:FI:Sneaky_Russian · Post by **:FI:Sneaky_Russian** » Wed Jan 24, 2007 10:00 pm

ZA "Game Mode" allows you to "Automatic Accept" or "Automatic Deny" all access alerts.

Zone Alarm Help file wrote:Game Mode
Game Mode temporarily suppresses most Zone Labs security software scans, product updates, and alerts, so that you can play games on your computer with fewer interruptions. Game Mode lets you temporarily allow or deny all program permission requests, so that Zone Labs security software can answer such requests automatically without displaying alerts. Automatic scans and product updates are postponed until you deactivate Game Mode. Game Mode remains active until you turn it off, or until you turn off Zone Labs security software or your computer.

Game Mode suppresses all Informational alerts and all alerts in which you are prompted to make a decision. This includes alerts caused by Ask settings in the Programs List, such as permission alerts triggered by programs trying to send mail or act as servers. It also includes OSFirewall alerts, which prompt you to allow or deny behavior considered unusual or suspicious. ID Lock alerts and Outbound Mailsafe alerts are also suppressed. Game Mode settings do not override Block or Allow settings in your Programs List. If you have configured Zone Labs security software to always block a specific program, it continues to block that program even if you activate Game Mode with a setting of Allow.

The use of Game Mode may reduce the security of your system. If you choose to allow all permission requests, you may increase the chances of a malicious program harming your computer or gaining access to your data. If, on the other hand, you choose to deny all requests, you may interrupt the functions of a legitimate program. You should therefore activate Game Mode only for the duration of your game.

To turn Game Mode on:

Right-click on the system tray icon, and choose Game Mode...
In the Activate Game Mode dialog that appears, click one of the following:
Answer all alerts with "allow"-Permission requests will be granted.

Answer all alerts with "deny"-Permission requests will be denied.

Leave the Activate Game Mode dialog open or minimize it, but do not close it.
If you close the Activate Game Mode dialog, you turn Game Mode off.

While Game Mode is on, Zone Labs security software displays a special icon in the system tray ().

To turn Game Mode off:

Do one of the following:
Close the Activate Game Mode dialog by clicking either Cancel or the Close icon (x) at upper right.
Click Stop Game Mode in the Activate Game Mode dialog.
Right-click the system tray icon and choose Stop Game Mode.

Note that Game Mode is automatically deactivated if you turn off your computer or if you turn off Zone Labs security software.

--------------------------------------------------------------------------------
Join the Zone Labs User Forum!

Get this User Guide in PDF format:

http://www.zonelabs.com" onclick="window.open(this.href);return false;

ZA internet lock is probably your easiest solution to offline play.

:FI:TacticalS! · Post by **:FI:TacticalS!** » Thu Jan 25, 2007 3:18 am

Or I can unplug the wire connecting the Internet to my PC. You geeks always overlook the obvious.

Thanks for the references. This clarifies the issue nicely for me Gurberly. Guess I appreciate ZA even more. And I also appreciate your help too Sneaky!

TS!