Configuring ZoneAlarm securely

by Floydman

Security researcher, Technical Director of MegaLAN Consulting and team member of DocIsland.org

[email protected]


You can distribute this document freely, as long as no changes are made to the file and no one else claims credit for it. All comments and suggestions about the material presented here should be directed to [email protected]. If future versions of this document include contributions from people other than me, the various authors will be clearly credited. All version updates of this document are to be released by me.


You can find it online at http://www.geocities.com/floydian_99/


Abstract


Recently, on BugTraq, a subscriber sent an advisory claiming that ZoneAlarm contained a vulnerability allowing people on the same subnet to connect to your machine unreported. As it turns out, this person was using ZoneAlarm with a default configuration in the wrong context. Since ZoneAlarm and other personal firewalls are becoming more popular, I thought that there was a need to define guidelines on how to use this tool in order to get sufficient security from it. This paper is the collection of my experiences with ZoneAlarm v2.1.25, free for personal use. I haven't had the chance to try version 2.6 Pro, or the newly released version 3.0, but I will do so as soon as I can, now that I can operate under my own company (and have more freedom in my activities). This will probably be presented in future whitepapers. What is presented here can be used both by home users connected to the Internet and by network administrators who want to improve their network security (although in this case you should use the licensed versions for commercial use, which feature more options).


Targeted audience


This document is intended for anyone who has an interest in computer security, network intrusion, hacking, viruses, Trojan horses, network administration and computing in general.


Table of contents


1. Introduction

2. Overview of the GUI

3. Overview of the "Alerts" screen

4. Overview of the "Lock" screen

5. Overview of the "Security" screen

6. Overview of the "Programs" screen

7. Overview of the "Configure" screen

8. Conclusion

