Results 1 to 5 of 5

Thread: Internet & Trusted Zones

  1. #1

    Default Internet & Trusted Zones



    On my main PC (a desktop) I use Zone Alarm Security Suite v 8.0.400.020. My O/S is Vista Ultimate.




    I use a Virgin cable modem in the UK. The cable modem goes to a Linksys wireless router. My main PC is connected to the router with a wired connection. I also have a laptop with a wireless connection to the router. My Firewall Settings are (i) Internet Zone Security = High; and (ii) Trusted Zone Security = Medium.




    On set up, ZA detects a private network (192.168.1.0) which the ZA manual recommends that I put in the Trusted Zone. If I put the network 192.168.1.0/255.255.255.0 (essentially my home network including my router) into the Trusted Zone will I understand that ZASS no longer protects me from external hackers etc, etc as their probe comes through the router which is in the Trusted Zone - I have to rely on my Router for this inbound protection. Is this correct??




    I understand that other ZASS features (including outbound protection) remain in place.




    I want my Main PC to be protected by ZASS for both inbound and outbound traffic. I do not want to rely on my router.




    My DHCP Server
    is 192.168.1.1 which is the router. It seems odd that the general recommendation for home networks is to put the DHCP server (ie 192.168.1.1 =
    the Router) into the trusted zone which then negates ZASS' inbound traffic protection?? See http://forums.zonealarm.org/zonelabs...ssage.id=52217
    for example of the recommendations. See also
    the Guru Hoov site.




    I would be grateful for any comments/help on this subject.

  2. #2
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,292

    Default Re: Internet & Trusted Zones


    <BLOCKQUOTE><HR>dogdog wrote:


    If I put the network 192.168.1.0/255.255.255.0 (essentially my home network including my router) into the Trusted Zone will I understand that ZASS no longer protects me from external hackers etc, etc as their probe comes through the router which is in the Trusted Zone - I have to rely on my Router for this inbound protection. Is this correct??
    <HR></BLOCKQUOTE>No, not correct. Harckers are on the internet. All internet unsolicited calls that manage to pass the router will still be filtered by the ZA. Trusting your LAN (192.168.1.0/255.255.255.0) does NOT mean you are trusting the internet. If you don't want to share any resources with other PC/resources on your LAN then set it to internet. BUT you need to set your DNS and DHCP as trusted (= your router). Setting your router as trusted does NOT mean your are trusting all the traffic that reach the router. All internet traffic is still internet! Yes, good. Keep the trusted zone set to MEDIUM and Internet set to HIGH.Cheers,Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  3. #3

    Default Re: Internet & Trusted Zones


    <blockquote><hr>fax wrote:

    <blockquote><hr>dogdog wrote:


    If I put the network 192.168.1.0/255.255.255.0 (essentially my home network including my router) into the Trusted Zone will I understand that ZASS no longer protects me from external hackers etc, etc as their probe comes through the router which is in the Trusted Zone - I have to rely on my Router for this inbound protection. Is this correct??
    <hr>

    </blockquote>No, not correct. Harckers are on the internet. All internet unsolicited calls that manage to pass the router will still be filtered by the ZA.Trusting your LAN (192.168.1.0/255.255.255.0) does NOT mean you are trusting the internet. If you don't want to share any resources with other PC/resources on your LAN then set it to internet. BUT you need to set your DNS and DHCP as trusted (= your router). Setting your router as trusted does NOT mean your are trusting all the traffic that reach the router. All internet traffic is still internet!
    Yes, good. Keep the trusted zone set to MEDIUM and Internet set to HIGH.
    Cheers,Fax

    <hr></blockquote>Thanks for your comments.
    I do not have my DNS and DHCP as Trusted. Everything is in the Internet Zone (or not listed and hence in the Internet Zone by default). However, everything works fine. Why do you believe that DNS/DHCP should be in the Trusted Zone?? What am I losing by not doing so.
    Thanks for your help.

  4. #4
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,292

    Default Re: Internet & Trusted Zones


    <BLOCKQUOTE><HR>dogdog wrote:

    <BLOCKQUOTE>Everything is in the Internet Zone
    <HR></BLOCKQUOTE></BLOCKQUOTE>Everything what? Loopback should be trusted as well as DNS and DHCP + the LAN (network) if you want to share resources with otherPCs in your LAN (your LAN is different from the INTERNET). And remember TRUSTED zone should be set to MEDIUM andNOTHIGH.
    <BLOCKQUOTE><HR>dogdog wrote:

    <BLOCKQUOTE>What am I losing by not doing so<HR></BLOCKQUOTE></BLOCKQUOTE>Potential connection problems. You could have loss ofconnection (from standby orwhile surfing). Note that ZA set your DNS and DHCP in the trusted zone at install. Its normal and by default. If you change your defaults you could have problems or could not...but don't be surprised or come here complaining your ZA is not working correctlyCheers,Fax


    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  5. #5
    stormsy Guest

    Default Re: Internet & Trusted Zones

    I use to have the same problems as. After I installed ZASS I connected the modem whilst the computer was on and a pop-up would say the similar thing to you.

    What I did was turn the PC off after ZASS was installed and plugged in the modem. After that I turned the PC back on I didn't get any pop-ups about new networks.

    Try that, it might work.

    Stormsy.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •