MSE and Zone Alarm

[HJA]

I installed MSE the other day and right away had system hangs after boot. Went through the boot list and disabled things to troubleshoot. Disabled Zone Alarm True Vector and no problems. Once back online I searched for MSE problems and Zone Alarm was high on the listings. Seems MSE doesn't like ZA very much. I happen to like ZA a lot so I guess I'll head back to ESET NOD. I had zero troubles as far as operation untill MSE. Free is nice , if it works.

 

[zigzag3143]

I installed MSE the other day and right away had system hangs after boot. Went through the boot list and disabled things to troubleshoot. Disabled Zone Alarm True Vector and no problems. Once back online I searched for MSE problems and Zone Alarm was high on the listings. Seems MSE doesn't like ZA very much. I happen to like ZA a lot so I guess I'll head back to ESET NOD. I had zero troubles as far as operation untill MSE. Free is nice , if it works.

why dont you just use eset smart security and not use zap? ESS has a commercial grade firewall and uses the NOD32 av.

Ken

 

[HJA]

why dont you just use eset smart security

Still have over a year left on subscription. I'll look into Smart Security though. Thanks for the tip.

 

[Little Darwin]

Still have over a year left on subscription. I'll look into Smart Security though. Thanks for the tip.

I understand this on one level, as I have held on to a couple of virus checker programs I thought were substandard because I paid for them.

However, there is a rule that makes a lot of sense, even though it is rarely followed (even by me).

Don't make decisions based on sunk costs.

 

[polarbear]

With MSE use Windows 7 Firewall Control to top off the firewall provided with Windows 7... You will likely never look back...

 

[JonM33]

I installed MSE the other day and right away had system hangs after boot. Went through the boot list and disabled things to troubleshoot. Disabled Zone Alarm True Vector and no problems. Once back online I searched for MSE problems and Zone Alarm was high on the listings. Seems MSE doesn't like ZA very much. I happen to like ZA a lot so I guess I'll head back to ESET NOD. I had zero troubles as far as operation untill MSE. Free is nice , if it works.

I have ZoneAlarm firewall and MSE running in a VM together without a problem. It's not MSE. Most likely the issue is user error.

 

[HJA]

I have ZoneAlarm firewall and MSE running in a VM together without a problem. It's not MSE. Most likely the issue is user error.

After lockups constantly I went through in Safe Mode and limited the startup programs until I tried the ZA True Vector. Now it's running smooth. I found numerous posts all over regarding MSE and ZA. I don't use a Virtual PC. So I am listening. Whats MY error?????

 

[JonM33]

I have ZoneAlarm firewall and MSE running in a VM together without a problem. It's not MSE. Most likely the issue is user error.

After lockups constantly I went through in Safe Mode and limited the startup programs until I tried the ZA True Vector. Now it's running smooth. I found numerous posts all over regarding MSE and ZA. I don't use a Virtual PC. So I am listening. Whats MY error?????

I don't use Virutal PC either. I use VirtualBox for my VM needs. The VM consists of Windows XP SP3 with all current patches installed. I use snapshots so that I can go back to previous versions. So currently it is running MSE, I use that on all my systems at home. I installed ZA and the install went without a hitch. I can restart the VM without a problem. No lockups at all.

What is your error? Something you have done to your OS that is causing the lockup. I don't know what it is. My point is that you cannot blame MSE for the problem. You said that free is nice if it works. Well, MSE works and it works with ZA. So don't point the finger in the wrong direction.

Numerous posts "all over" regarding MSE and ZA point to more circumstances of user error.

 

[HJA]

Here is a response from MS that dates back to Oct 09 from the ZA forum. This trouble as you can see goes back to Vista

Unfortunately, you will run into problems running MSE with Zone Alarm, due to an issue in Windows Vista and above.
A possible solution would be to uninstall either Zone Alarm or MSE (I would recommend Zone Alarm, since Windows Vista already has a built in firewall)

We are actively working to identify a fix for this issue.
You should not be seeing any issues on Windows XP.

Sincerely,
Shiroy Choksey [MSFT]

Numerous posts "all over" regarding MSE and ZA point to more circumstances of user error.

This is not something that just happens out of the blue, it is a compatability issue with ZA and MSE. As you can see above it has been about 6 months since the response. I happen to like ZA and will continue to use it. As for blame, if two products don't get along I go with the one I like. As for MSE I have seen good and bad reviews. As I said the problems are well documented. Nuff said. End post. Sorry I offended.

 

[CarlTR6]

If you like ZA, there are other free anti-virus programs/malware out there other than MSE. Though Windows firewall is good for incoming, it leaves a whole lot to be desired for outgoing. ZA is easy to configure for both incoming and outgoing. You could also try PCTools and Comodo firewalls as an alternative to ZA when your subscription expires.

 

[JonM33]

Here is a response from MS that dates back to Oct 09 from the ZA forum. This trouble as you can see goes back to Vista

Unfortunately, you will run into problems running MSE with Zone Alarm, due to an issue in Windows Vista and above.
A possible solution would be to uninstall either Zone Alarm or MSE (I would recommend Zone Alarm, since Windows Vista already has a built in firewall)

We are actively working to identify a fix for this issue.
You should not be seeing any issues on Windows XP.

Sincerely,
Shiroy Choksey [MSFT]

Numerous posts "all over" regarding MSE and ZA point to more circumstances of user error.

This is not something that just happens out of the blue, it is a compatability issue with ZA and MSE. As you can see above it has been about 6 months since the response. I happen to like ZA and will continue to use it. As for blame, if two products don't get along I go with the one I like. As for MSE I have seen good and bad reviews. As I said the problems are well documented. Nuff said. End post. Sorry I offended.

Does it occur with MSE and Comodo Firewall? Does it happen with MSE and Windows Firewall? Do you see a trend?

Windows Firewall has had outbound configuration since Windows Vista. There is no need for ZA in my book.

Just for settling this. I'll go ahead and install Windows 7 in a VM and see if I can reproduce the problem as well. I will get back to you.

 

[Subsonic]

Using ZoneAlarm with Avast 5. Great combination! Great price (free)!

 

[JonM33]

This is not something that just happens out of the blue, it is a compatability issue with ZA and MSE. As you can see above it has been about 6 months since the response. I happen to like ZA and will continue to use it. As for blame, if two products don't get along I go with the one I like. As for MSE I have seen good and bad reviews. As I said the problems are well documented. Nuff said. End post. Sorry I offended.

Okay, I should stand corrected then.

In a VM with Windows 7 fresh install + all updates/patches...

Windows 7 + MSE + ZoneAlarm Firewall = Hang after reboot. Had to use safe mode to uninstall ZA. After that everything works fine.
Windows 7 + MSE + Windows Firewall = Works fine.
Windows 7 + MSE + Comodo Firewall = Works fine.

So it seems to be a software issue with ZoneAlarm. You can't blame MSE on this if it works with 2 other known firewalls.

 

[neo101]

Zonealarm says their progs for download are all still in beta for WIN 7 and they are getting a real slagging on firewall test reviews at the moment.

Just have to wait till they get their act together again.

I like having visual control over what software/items are trying to 'dial out'
(unlike Msoft firewall which doesn't block anfink outbound till u tell it to - Polar Bear) and I have a Z.A. update license too.

 

[BugMeister]

With MSE use Windows 7 Firewall Control to top off the firewall provided with Windows 7... You will likely never look back...

..I'll drink to that!!

 

[JonM33]

Zonealarm says their progs for download are all still in beta for WIN 7 and they are getting a real slagging on firewall test reviews at the moment.

Just have to wait till they get their act together again.

I like having visual control over what software/items are trying to 'dial out'
(unlike Msoft firewall which doesn't block anfink outbound till u tell it to - Polar Bear) and I have a Z.A. update license too.

Then why use ZoneAlarm? It was notorious for doing just that.

 

[CarlTR6]

Windows Firewall has had outbound configuration since Windows Vista. There is no need for ZA in my book.

Yes, Windows Fire wall has outbound configuration - if one is a Geek. It is most certainly NOT simple nor intuitive. I tried PC Tools firewall and it worked well. But it was not quite as flexible as I prefer. I am now using Comodo. It is nice as easy to to use as is ZA; but now that I'm learning it, I can easily manage outbound traffic.

I am behind a router and hardware firewall (which is far better). I use a software firewall to easily manage outgoing. If Windows firewall was easy to configure for outgoing, I would be using it.

 

[JonM33]

Yes, Windows Fire wall has outbound configuration - if one is a Geek. It is most certainly NOT simple nor intuitive.

How is it not simple? Open the Windows Firewall with Advanced Security, select Outbound Rules, select New Rule and configure it from there. You can set it for programs, ports or even custom rules. It's extremely easy and much better than a pop-up asking you if you want one of a hundred apps to access the internet. Comodo and ZoneAlarm are worse than UAC.

I am behind a router and hardware firewall (which is far better). I use a software firewall to easily manage outgoing. If Windows firewall was easy to configure for outgoing, I would be using it.

It is easy to configure. See above. If you know how to configure a hardware firewall then the Windows Firewall will be just as easy for you.

Quick plug: Special Report: Security: Deconstructing Common Security Myths

Myth: Host-Based Firewalls Must Filter Outbound Traffic to be Safe.
Speaking of host firewalls, why is there so much noise about outbound filtering? Think for a moment about how ordinary users would interact with a piece of software that bugged them every time a program on their computer wanted to communicate with the Internet. What would such a dialog box look like? "The program NotAVirus.exe wants to communicate on port 34235/tcp to address 207.46.225.60 on port 2325/tcp. Do you want to permit this?" Ugh! How would your grandmother answer that dialog box? Thing is, your grandmother just got an e-mail with an attachment that promises some rather sexy naked dancing pigs. Then this crazy dialog box appears. We promise: when the decision is between being secure and watching some naked dancing pigs, the naked dancing pigs win every time.

The fact is, despite everyone’s best efforts, outbound filtering is simply ignored by most users. They just don’t know how to answer the question. So why bother with it? Outbound filtering is too easy to bypass, too. No self-respecting worm these days will try to communicate by opening its own socket in the stack. Rather, it’ll simply wait for the user to open a Web browser, then hijack that connection. You’ve already given the browser permission to communicate, and the firewall has no idea that a worm has injected traffic into the browser’s stream.

Outbound filtering is only useful on computers that are already infected. And in that case, it’s too late—the damage is done. If instead you do the right things to ensure that your computers remain free of infection, outbound filtering does nothing for you other than, perhaps, to give you a false sense of being more secure. Which, in our opinion, is worse than having no security at all.
​

 

[CarlTR6]

Yes, Windows Fire wall has outbound configuration - if one is a Geek. It is most certainly NOT simple nor intuitive.

How is it not simple? Open the Windows Firewall with Advanced Security, select Outbound Rules, select New Rule and configure it from there. You can set it for programs, ports or even custom rules. It's extremely easy and much better than a pop-up asking you if you want one of a hundred apps to access the internet. Comodo and ZoneAlarm are worse than UAC.

It is the "New Rule and configure it from there" that I have not learned how to do. ZA, Comodo, and PCTools present me with a list of apps and services accessing the internet. That makes it easy to configure with out writing a rule for each app and service. This is what I was referring to about not being a Geek.

I am behind a router and hardware firewall (which is far better). I use a software firewall to easily manage outgoing. If Windows firewall was easy to configure for outgoing, I would be using it.

It is easy to configure. See above. If you know how to configure a hardware firewall then the Windows Firewall will be just as easy for you.

I am just learning about which ports do what. My hardware firewall is easy to configure because it presents me with a list of option as do ZA, Comodo, and PCTools. I do not have the knowledge and experience to write these rules. But I am learning. The attached image shows my hardware firewall settings.

Quick plug: Special Report: Security: Deconstructing Common Security Myths

Myth: Host-Based Firewalls Must Filter Outbound Traffic to be Safe.
Speaking of host firewalls, why is there so much noise about outbound filtering? Think for a moment about how ordinary users would interact with a piece of software that bugged them every time a program on their computer wanted to communicate with the Internet. What would such a dialog box look like? "The program NotAVirus.exe wants to communicate on port 34235/tcp to address 207.46.225.60 on port 2325/tcp. Do you want to permit this?" Ugh! How would your grandmother answer that dialog box? Thing is, your grandmother just got an e-mail with an attachment that promises some rather sexy naked dancing pigs. Then this crazy dialog box appears. We promise: when the decision is between being secure and watching some naked dancing pigs, the naked dancing pigs win every time.

The fact is, despite everyone’s best efforts, outbound filtering is simply ignored by most users. They just don’t know how to answer the question. So why bother with it? Outbound filtering is too easy to bypass, too. No self-respecting worm these days will try to communicate by opening its own socket in the stack. Rather, it’ll simply wait for the user to open a Web browser, then hijack that connection. You’ve already given the browser permission to communicate, and the firewall has no idea that a worm has injected traffic into the browser’s stream.​

Except one can block that dialog box from appearing not giving a user the choice.

Outbound filtering is only useful on computers that are already infected. And in that case, it’s too late—the damage is done. If instead you do the right things to ensure that your computers remain free of infection, outbound filtering does nothing for you other than, perhaps, to give you a false sense of being more secure. Which, in our opinion, is worse than having no security at all.

I tend to agree with this. A visitor inadvertently introduced a Trojan to my XP system. Because of the ZA dialog box, I was able to catch it quickly before it spread or phoned home. And I was able to get rid of it easily. It paid off for me. That is why I am so adamant about outgoing control.

I also used outgoing control to block to block XP's MS genuine advantage from phoning home every time I rebooted. Every now and then I would let it through.

I have nothing against Windows firewall and as I learn to write those rules, I will probably use it. The programmers for whatever reason did not make it easy nor intuitive to configure outgoing. Was this by design to make it difficult to prevent MS apps from phoning home as I did with genuine advantage? Just kidding; I'm not a conspiracy theorist. What I want is the ability to make outgoing apps ask me to connect - at least the first time. In some cases, I want to asked every time like I did with genuine advantage. This is why I am using Comodo.

​

 

[Jacee]

Have you 'allowed' all settings for MSE in ZoneAlarm? Click on the program control (programs) and see if MSE has a green checkmark in the boxes.