Norton Internet Security or Zone Alarm Pro?

I was wondering if anyone could tell me in there opinion which is better, Norton Internet Security or Zone Alarm Pro. Thx for any info.

FOR FIREWALL Zone Alarm Pro is the best.

Norton internet security is complex.
I’m using Zone Alarm Pro for 2 years.

ZoneAlarm intentionally sends wrong alerts about attacks (which never have taken place) to give you a wrong feeling of security. Furthermore, you find all necessary information to bypass ZoneAlarm on a “protected” PC via google and astalavista.
The program is not even worth the space it consumes on your hard disc.

Originally posted by alexnoe
ZoneAlarm intentionally sends wrong alerts about attacks (which never have taken place) to give you a wrong feeling of security. Furthermore, you find all necessary information to bypass ZoneAlarm on a “protected” PC via google and astalavista.
The program is not even worth the space it consumes on your hard disc.

True, but what firewall cant be broken? I have to admit the false alerts are annoying but I dont mind.

True, but what firewall cant be broken?
None. That’s why I don’t install any.
I have to admit the false alerts are annoying but I dont mind
But if you don’t know that these are false alarms, then you might think that ZoneAlarm could be good for something.
Most others are more difficult to break. ZoneAlarm is especially bad because it verifies filenames. Every virus can tell ZoneAlarm to be “outlook.exe”…

For knowledgeable and informative review information about software firewalls from reasonable people who have some technical understanding of them, please refer to Firewall Guide Software Reviews

I’ll go through the ZoneAlarm reviews to find out which of them is knowledgeable…

OK: From PC-Magazine:

After you give a program Internet access, ZoneAlarm Pro warns you if that program is changed, so a Trojan horse can’t disguise itself under the name of an existing program.
Good joke…just as if it was a problem to compensate for this…I doubt that ZoneAlarm calculates a CRC for each program…

The CNet review is very long way to say “ZoneAlarm protects you from every attack, including photon torpedoes”.

The information that I posted was for mmz87.

mmz87, you will get much better information at the site that I posted than you are getting here from unknowlegeable people with extreme opinions.

The information that I posted was for mmz87.
And I want to show that these information aren’t accurate, to express it carefully. The “reviewers” draw false conclusions from some facts.

OK, let’s go ahead.
The Philadelphia inquirer:

Both monitor the computer for programs reaching out to the Internet and then ask you if these programs - such as Internet Explorer, your e-mail program and Windows’ updating utility - should be allowed to communicate with the outside world.

I think I don’t need to comment on this again…I did this before. BTW usually most posts are opinions.
But it is a fact (and no opinion) that allowing certain programs to pass through the “firewall” messes up the whole system, because authentication of these files is not safe.

The most funny people are the ones who use ZoneAlarm, but don’t turn JavaScript off…

I think you don’t believe me until I set up a page which causes some “side effects” on other PCs (which might not legal)…you forget that trojans are not the only source of danger. html pages with malicious java code is easier to make…well, at least NetMag reviewers seem to be aware of this…

A really good source of info about security software are the newsgroups at GRC. The server is news.GRC.com, the security software group is huge.
Alex, you are off-base on firewalls, and you should be using one if you have any concern for stealth on the net. Of course a firewall can be hacked, BUT only if it can be seen in the first place. If they don’t know you’re there, they can’t get in. So they have to deliver a trojan in some other package which you voluntarily import.
During the code red fiasco this past year, virtually no machines were compromised that had any firewall in place. Any system that was online, with a broadband connection and no firewall was nearly certain to be compromised.
Saying that because a firewall is not perfect - you shouldn’t use it - is like saying that condoms sometimes fail so you shouldn’t use them. Come on, Alex, be realistic. ZoneAlarm can be configured to always ask permission for any program to access the connection, the fact that some people choose not to do so is not the software’s fault. It also allows you to lock the connection completely.
As for Norton “security” software, I wouldn’t waste my money there apart from NAV.

If they don’t know you’re there, they can’t get in
This would concern people who intentionally want to get exactly into your PC, and not into someone else’s.

So they have to deliver a trojan in some other package which you voluntarily import.
And exactly this is the problem, in connection with the abovementioned statement: It can be delivered via email (html+java), or via such a nice “package” you have to install before you can view a page.

the fact that some people choose not to do so is not the software’s fault.
Ack. But still, any trojan can pretend being “outlook.exe”, and pretending a different file size, file creation date etc is no problem either (unless the trojan was written by an idiot). Even if it askes you, you can’t be certain then it’s really “outlook.exe” who wants to “talk”.

Saying that because a firewall is not perfect - you shouldn’t use it - is like saying that condoms sometimes fail so you shouldn’t use them.

Good point, but everyone is aware that condoms can fail. Less people seem to be aware that the security ZoneAlarm adds is far from ultimate…

All these review pretend that you merely need to install ZoneAlarm and suddenly get a completely safe PC. Not one single word that Java must be deactivated for emails or the such.

I think the real issue is not whether someone CAN get by this or that firewall, but whether anyone actually has done so in the real world. Having all ports stealthed is an enormous step in the right direction, and ZA does this. It also has steadily improved it’s ability to identify programs that are accessing the connection. The combination of a hardware router and software firewall is still considered pretty must the best level of protection for every-day use, and so far has proved to be adequate in the real world. I have read many of these arguments on the various forums, and i have never once seen even a report of someone being compromised who had this level of protection, except in the instance where someone else was deliberatedly attacking that individual, (usually to prove a point). Zone alarm will keep out all but the most determined hacker who is specifically targeting YOU, and it will control any and all outbound traffic if properly configured and used. It wasn’t until ZA came along that most prople realized that there was even a need to control outbound traffic, now several others have fallen in step.

Originally posted by rdgrimes
A really good source of info about security software are the newsgroups at GRC. The server is news.GRC.com, the security software group is huge.

I suggest you thorougly read this site who has a different view of Mr Steve Gibson.

To have some understanding of IP , check this movie. (Right click to save). If somehow it’s not available , click here.

What is a firewall ?

In my point of view . just “a” wall… and like any wall , it can be broken , bent , destroyed or worked around given the right tools , time , people , power and performance.

What does a firewall do ?

It’s a traffic agent. It lets certain packages through , and some packages are blocked. For instance , your firewall may be configured to let IP port 21 go through but block IP port 22.

What does zonealarm do ?

ZoneAlarm says it blocks everything and then YOU have to get permission to let it through. Fun part is … most people don’t have a clue what they’re letting through and evil programs that use a .dll layer or a internal program (IEXPLORE.EXE ring any bells ?) to get through , will succeed , because YOU gave them persimmsion.

Is ZoneAlarm any good ?

IMHO…yes … it’s good… but not good for everything. Like Linux isn’t the total answer to have a stable OS. It has its ups and downs. If you are total paranoia … Do NOT use ZoneAlarm… just get off the net at all. If you tend to block 80% of all the script kitty’s (using old Sub7 and Bo2k tools for instance)… ZoneAlarm will do quite nicely… as will Norton’s Firewall… If you want more security … you have to PAY FOR IT… (Scary eh ?) Not by going to ZoneAlarm pro… but to get a CORRECTLY CONFIGURED HARDWARE firewall between your network and the big evil internet.

The Internet is only spooky to people who have been told it’s spooky. Then again , all the people want free things… but not pay for them (As cryptic as this may sound… put the internet as discussion point in that sentence)


Firewalls have been business long before Mr Gibson showed up and Symantec just hopped on the train grc started here. I have been “fooled” as well by Mr. Gibson for quite some time till i found evidences and statements questioning that knowledge Mr Gibson has. Do what you want with the information typed above… it’s my personal view… i do not expect you to take it for granted , i do not expect to be flamed , i do not expect a lot of discussions about ZoneAlarm as well… capice ?


What does Mr. Belvedere use ?

He uses Smoothwall on a pc that also tells the rest of the 5 pc’s where to connect to the internet. All incoming traffic that has not been a request by the inboud network is blocked and yet all ports above 1000 are wide open. It’s not perfect … but it works.

I think Norton is somewhat better than Zone alarm, but I don’t like’em both. I still prefer my Freesco (Linux router) firewall. That’s a pretty good one… long live stealth mode ;).

ZA conflicts with some of the P2P sharing programs like WinMX.

We all live in houses and every one of our houses have doors. These doors have locks and none of these locks are impenetrable. We can even argue about which locks are effective and which are not but the fact still remains that most of us would rather not be without a lock on the doors. The purpose of these locks is to provide some kind of deterrent against unwanted intrusions. While the lock may be at the mercy of the true pros, they are effective in deterring the casual intruder for the most part.

You all have valid points and most of you have supported your points with informative documentation as usual, but which of you would remove the locks from your doors and sleep well? While the readings are interesting and informative, I would still err on the side of caution. Personally I use a hardware firewall supplemented by Zone Alarm Pro. While I’m not very fond of ZA, I’m used to having some kind of controll over outbound traffic and I used to ZA.

Still the articles are great. Good read.

I tryed zone alarm, but after a while it keep saying “??? is trying to enter the internet”… Ok “let it” I say, tell it its ok to let it do it forever. Then the sucker would go and to it again and again and again… :a . Off it came. Nortons seems not to do this.

@Nemesys:
Your comparison is not good: It would be more appropriate to say: "…it’s useless to lock all windows if you keep the main door [=JavaScript, using IE and OE ] open or completely remove some locks forever [allowing some programs always to pass], … " (which i’m sure 99% of ZA-users do!)

@alexnoe
Good point, and it’s well taken. Agreed, but as you stated, that would be taking it several steps beyond what the average PC user has an awareness of. Most are not aware of the dangers of malacious scripting and dangerous ActiveX controls. The concerns are generally for casual hackers and popular viruses. But even if my windows were shut but not locked I would still be safer with locks on my doors than without, as the door is the most likely entry point for the average intruder.

But you are absolutely on point, firewalls are not the only answer.

For firewall evalualtion, go to Steve Gibson’s site www.grc.com and read his article – “The Classic DoS Attack Report” – at http://grc.com/default.htm…Steve got heavily attacked and see what worked for him

When you have your Firewall installed go to www.grc.com and do Steve’s leak Test and Shields-Up test.

Go to www.Google.com and do a seach:…Firewall comparison.,You will find many evaluations of firewalls…Like that at…http://www.sysopt.com/reviews/firewall/index7.html

All said and done, most tests show ZoneAlarm and Sygate generally at the top…The only problem with ZoneAlarm is that now and then they make ZA too agressive and it hogs the Cpu — and a new update is almost instantly made.