Results 1 to 2 of 2

Thread: Proper Zone Settings?

  1. #1
    doodles Guest

    Default Proper Zone Settings?

    I have always just had my cable modem internet connection in ZA as an Internet Zone.

    I just saw on the forum in another post that it should be in trusted Zone and I should also have entries for DHCP, DNS, local host and Generic Host.

    A few questions...

    1) My connection seems to be fine. Should I move it into Trusted?

    2) Should I add all those other zones? ZA never asked me too. What are the benefits of adding them or not adding them?


  2. #2
    critterjoe Guest

    Default Re: Proper Zone Settings?

    I keep my network in the Internet Zone since it has higher security and I don't need to share anything with another PC, network printer, etc. and have had no problems. I think people who added DNS servers, DHCP, etc. into their Trusted Zone did so to solve connection problems, DNS resolution problems, etc. Sometimes I have loopback ( in the Trusted Zone simply because some products like ZAES, puts it in there by default, while other products like ZAP don't (at least in the past version). So it must be optional, or perhaps needed by some people for a connection problem.

    IMO, the only reason to add things to the Trusted Zone (other than connection problems) is if you need to share with it, such as another household PC, printer, etc. But even then one wouldn't have to do the whole network IP range, just the I.P. for those components. While Trusted is "safe" if used with known computers on your network, printers, etc., why use it if you don't need to, especially if all you have is 1 PC. In addition, a router, of course, adds an extra layer of security, and hopefully you have a router in addition to your cable modem (or a combo modem/router sometimes called a "gateway"). A router or gateway helps keep you invisible to the Internet through NAT (network address translating).

    You mentioned Generic Host, but that is not a network component--that is a software module in Windows, controlled by a file svchost.exe. It is configured in the Programs Control area, not in the firewall Zones area. As a reminder for the Programs Control area, normally no program should ever need "Internet Server" permission, so that column shouldn't have any check marks except in very rare special circumstances that the majorify of people will not need. A check mark in the "Internet Server" column can be risky.. And almost no programs will even need "Trusted Server" permission. In fact, I don't have any checkmarks in the "Trusted Server" column either. However, some people will have "Trusted Server" for Generic Host if they need it, and I believe ZA does put a check mark there by default, but I remove it since I don't need it. Others' mileage may vary.

    Hopefully, someone else will comment on why they feel (if they do) that Loopback should be in the firewall Trusted Zone, and why ZA adds it in a Trusted firewall zone by default in some products but not others.
    Last edited by critterjoe; April 16th, 2010 at 02:48 AM.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Proper Privacy Settings ??
    By morey in forum ZoneAlarm Configuration
    Replies: 1
    Last Post: December 14th, 2008, 12:52 PM
  2. ZA blocking proper install of Vista SP1?
    By riceorony in forum General - Questions that don't fit any other category
    Replies: 9
    Last Post: June 20th, 2008, 09:20 AM
  3. Proper Network Detection/Configuration
    By googull in forum ZoneAlarm Configuration
    Replies: 3
    Last Post: September 21st, 2007, 07:31 AM
  4. now that i got the fire wall set up proper i want to zero out stat
    By cyfun in forum General - Questions that don't fit any other category
    Replies: 0
    Last Post: February 1st, 2007, 02:26 PM


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts