Does it occur with MSE and Comodo Firewall? Does it happen with MSE and Windows Firewall? Do you see a trend?
Windows Firewall has had outbound configuration since Windows Vista. There is no need for ZA in my book.
Just for settling this. I'll go ahead and install Windows 7 in a VM and see if I can reproduce the problem as well. I will get back to you.
Okay, I should stand corrected then.
In a VM with Windows 7 fresh install + all updates/patches...
Windows 7 + MSE + ZoneAlarm Firewall = Hang after reboot. Had to use safe mode to uninstall ZA. After that everything works fine.
Windows 7 + MSE + Windows Firewall = Works fine.
Windows 7 + MSE + Comodo Firewall = Works fine.
So it seems to be a software issue with ZoneAlarm. You can't blame MSE on this if it works with 2 other known firewalls.
Zonealarm says their progs for download are all still in beta for WIN 7 and they are getting a real slagging on firewall test reviews at the moment.
Just have to wait till they get their act together again.
I like having visual control over what software/items are trying to 'dial out'
(unlike Msoft firewall which doesn't block anfink outbound till u tell it to - Polar Bear) and I have a Z.A. update license too.
Yes, Windows Fire wall has outbound configuration - if one is a Geek. It is most certainly NOT simple nor intuitive. I tried PC Tools firewall and it worked well. But it was not quite as flexible as I prefer. I am now using Comodo. It is nice as easy to to use as is ZA; but now that I'm learning it, I can easily manage outbound traffic.
I am behind a router and hardware firewall (which is far better). I use a software firewall to easily manage outgoing. If Windows firewall was easy to configure for outgoing, I would be using it.
How is it not simple? Open the Windows Firewall with Advanced Security, select Outbound Rules, select New Rule and configure it from there. You can set it for programs, ports or even custom rules. It's extremely easy and much better than a pop-up asking you if you want one of a hundred apps to access the internet. Comodo and ZoneAlarm are worse than UAC.
It is easy to configure. See above. If you know how to configure a hardware firewall then the Windows Firewall will be just as easy for you.
Quick plug: Special Report: Security: Deconstructing Common Security Myths
Myth: Host-Based Firewalls Must Filter Outbound Traffic to be Safe.
Speaking of host firewalls, why is there so much noise about outbound filtering? Think for a moment about how ordinary users would interact with a piece of software that bugged them every time a program on their computer wanted to communicate with the Internet. What would such a dialog box look like? "The program NotAVirus.exe wants to communicate on port 34235/tcp to address 207.46.225.60 on port 2325/tcp. Do you want to permit this?" Ugh! How would your grandmother answer that dialog box? Thing is, your grandmother just got an e-mail with an attachment that promises some rather sexy naked dancing pigs. Then this crazy dialog box appears. We promise: when the decision is between being secure and watching some naked dancing pigs, the naked dancing pigs win every time.
The fact is, despite everyone’s best efforts, outbound filtering is simply ignored by most users. They just don’t know how to answer the question. So why bother with it? Outbound filtering is too easy to bypass, too. No self-respecting worm these days will try to communicate by opening its own socket in the stack. Rather, it’ll simply wait for the user to open a Web browser, then hijack that connection. You’ve already given the browser permission to communicate, and the firewall has no idea that a worm has injected traffic into the browser’s stream.
Outbound filtering is only useful on computers that are already infected. And in that case, it’s too late—the damage is done. If instead you do the right things to ensure that your computers remain free of infection, outbound filtering does nothing for you other than, perhaps, to give you a false sense of being more secure. Which, in our opinion, is worse than having no security at all.
It is the "New Rule and configure it from there" that I have not learned how to do. ZA, Comodo, and PCTools present me with a list of apps and services accessing the internet. That makes it easy to configure with out writing a rule for each app and service. This is what I was referring to about not being a Geek.
I am just learning about which ports do what. My hardware firewall is easy to configure because it presents me with a list of option as do ZA, Comodo, and PCTools. I do not have the knowledge and experience to write these rules. But I am learning. The attached image shows my hardware firewall settings.It is easy to configure. See above. If you know how to configure a hardware firewall then the Windows Firewall will be just as easy for you.
Quick plug: Special Report: Security: Deconstructing Common Security MythsMyth: Host-Based Firewalls Must Filter Outbound Traffic to be Safe.
Speaking of host firewalls, why is there so much noise about outbound filtering? Think for a moment about how ordinary users would interact with a piece of software that bugged them every time a program on their computer wanted to communicate with the Internet. What would such a dialog box look like? "The program NotAVirus.exe wants to communicate on port 34235/tcp to address 207.46.225.60 on port 2325/tcp. Do you want to permit this?" Ugh! How would your grandmother answer that dialog box? Thing is, your grandmother just got an e-mail with an attachment that promises some rather sexy naked dancing pigs. Then this crazy dialog box appears. We promise: when the decision is between being secure and watching some naked dancing pigs, the naked dancing pigs win every time.
The fact is, despite everyone’s best efforts, outbound filtering is simply ignored by most users. They just don’t know how to answer the question. So why bother with it? Outbound filtering is too easy to bypass, too. No self-respecting worm these days will try to communicate by opening its own socket in the stack. Rather, it’ll simply wait for the user to open a Web browser, then hijack that connection. You’ve already given the browser permission to communicate, and the firewall has no idea that a worm has injected traffic into the browser’s stream.
Except one can block that dialog box from appearing not giving a user the choice.
I tend to agree with this. A visitor inadvertently introduced a Trojan to my XP system. Because of the ZA dialog box, I was able to catch it quickly before it spread or phoned home. And I was able to get rid of it easily. It paid off for me. That is why I am so adamant about outgoing control.Outbound filtering is only useful on computers that are already infected. And in that case, it’s too late—the damage is done. If instead you do the right things to ensure that your computers remain free of infection, outbound filtering does nothing for you other than, perhaps, to give you a false sense of being more secure. Which, in our opinion, is worse than having no security at all.
I also used outgoing control to block to block XP's MS genuine advantage from phoning home every time I rebooted. Every now and then I would let it through.
I have nothing against Windows firewall and as I learn to write those rules, I will probably use it. The programmers for whatever reason did not make it easy nor intuitive to configure outgoing. Was this by design to make it difficult to prevent MS apps from phoning home as I did with genuine advantage? Just kidding; I'm not a conspiracy theorist. What I want is the ability to make outgoing apps ask me to connect - at least the first time. In some cases, I want to asked every time like I did with genuine advantage. This is why I am using Comodo.
Have you 'allowed' all settings for MSE in ZoneAlarm? Click on the program control (programs) and see if MSE has a green checkmark in the boxes.
Quote
