Vers: Zone alarm free, ver 6.1, windows XP pro
If you know quick answer, excuse extensive narrative. I think "option 2" at end is what I need to do, but I want to be sure. Thanks in advance
Question: How can I allow better internet access without compromising my security? I've found some options. Would option #2 at the end of this post be my preferred option, or something else? (I've looked at other posts, and they didn't directly address my question.)
I've been having problems consistently connecting to the internet since I've installed zone alarm. I installed zone alarm shortly after reformatting all hard drives and reinstalling my operating system. My system should be clean of viruses, trojans. I did not reconnect to the internet, after the reformat and reload, until I'd installed anti-virus software and zone alarm. The only exception was when I was downloading Windows XP updates early in the reload process.
I wish to improve my connectivity without compromising my security. I will first tell you the blocking message, then my system configuration, and then ask the best way to improve my access.
I get the following blocking message (IP addresses camouflaged for security reasons):
Description: "Packet sent from rrr.sss.ttt.vvv (UDP port nnnn) to rrr.sss.ttt.uuu (DNS) was blocked"
source IP: rrr.sss.ttt.vvv:nnnn, where rrr.sss.ttt.vvv is the IP address of my computer and nnnn is a port number that varies
destination IP: rrr.sss.ttt.uuu:53, where rrr.sss.ttt.uuu is the IP address of my router
Source DNS: the name of my computer on the network
Destination DNS: usually blank
Windows XP Pro, connected to a router, which is connected to a DSL modem.
According to my router software, my computer is assigned IP address rrr.sss.vvv
According to my router software, my router's LAN address is rrr.sss.ttt.uuu
My router is set up to be used as a DHCP server (whatever the heck that means)
My router WAN TCP/IP connection (IP address, DNS address, etc) is set to the values specified by my ISP
My computer's TCP/IP connections are set to "obtain IP address automatically" and "obtain DNS address automatically"
I have only the one router, which is sometimes connected to more than one computer. The computers are not set up to share resources
According to zone alarm, IP address rrr.sss.ttt.vvv is an adapter subnet entry, in the internet zone
Question: How can I allow better internet access without compromising my security? I've found some options. Would option #2 be my preferred option, or something else?
option 1: Set internet zone security to "Med" instead of "High". This works, but I'm concerned about compromising security
option 2: try adding the firewall log entry to the trusted zone, by using the "add to zone" button. I have not actually done this yet. (rrr.sss.ttt.vvv is already listed as a trusted zone. rrr.sss.ttt.uuu is not.) If the entire internet is not a trusted zone, why would rrr.sss.ttt.uuu be trusted, if it is the IP for accessing the internet?
option 3: Change the svchost.exe access permissions from "Access: trusted and internet =yes; Server Trusted=yes; server internet=blocked" to a setting where "server internet=ask" or "server internet=yes". This sounds like it dangerously compromises security, from what I saw in one post.
Operating System:Windows XP Pro
Product Name:ZoneAlarm (Free)