Page 1 of 2 12 LastLast
Results 1 to 15 of 22
  1. #1
    Bronze Lounger
    Join Date
    Feb 2001
    Posts
    1,424
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Firewall - Trusted vs. Internet

    I am using eTrust Personal Firewall which seems to be set up a lot like ZA. So my question is - What is the difference between zones - Trusted vs. the Internet?

    I have an entry in Firewall/Zones for my 192.168.1.0/255.255.255.0 network connection, which gives me access to the internet through my router/cable modem. And it is in the Trusted zone. When I set up the firewall, it automatically put this entry there for me so I didn't have to decide about it.

    What else would I ever add to this panel and when would I use the Internet zone? Guess that is more than one question!


    "Peace begins with a smile. "-- Mother Teresa

  2. #2
    Super Moderator
    Join Date
    Dec 2000
    Location
    Renton, Washington, USA
    Posts
    12,560
    Thanks
    0
    Thanked 4 Times in 4 Posts

    Re: Firewall - Trusted vs. Internet

    Do you have other computers on your local network?
    If so they are blocked, if they are NOT listed.

    Now running HP Pavilion a6528p, with Win7 64 Bit OS.

  3. #3
    Bronze Lounger
    Join Date
    Feb 2001
    Posts
    1,424
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Firewall - Trusted vs. Internet

    I have two computers - connected via the router/cable modem. They are my PC, (via RJ45) and my Mac (which connects wirelessly). Both are able to connect and receive email okay. Both have 192.168.x.x numbers. Do I need to add them? To the Trusted zone?


    "Peace begins with a smile. "-- Mother Teresa

  4. #4
    Bronze Lounger IanWilson's Avatar
    Join Date
    Dec 2000
    Location
    Bristol, United Kingdom
    Posts
    1,523
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Firewall - Trusted vs. Internet

    Obviously your router needs to be able to communicate with your computer. As Dave A has said, if you have other computers in your network, they need to be in the trusted zone to be able to communicate with your computer. The internet zone is just everything else that you don't include in the trusted zone. This simply enables you to give a higher level of access to your local network than you would to the big bad world the other side of your router. You don't need to add anything to the internet zone, you just set the security settting at an appropriate level.

    It seems to me that eTrust Personal Firewall is more than just set up a lot like ZoneAlarm - as far as I can see it is ZoneAlarm rebadged.

    I've shown below an example of settings in ZA showing the difference between security in the two zones. Set like this, the other two computers in my house can see my files, and print to my printer.

    Ian

  5. #5
    Bronze Lounger IanWilson's Avatar
    Join Date
    Dec 2000
    Location
    Bristol, United Kingdom
    Posts
    1,523
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Firewall - Trusted vs. Internet

    Yes, add them, by specifying their IP addresses.

    Ian

  6. #6
    Bronze Lounger
    Join Date
    Feb 2001
    Posts
    1,424
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Firewall - Trusted vs. Internet

    I do have my settings set the same way as you show in your <post:=562,889>post 562,889</post:> so at least we have one thing in agreement! <img src=/S/grin.gif border=0 alt=grin width=15 height=15> And I will add my two IP numbers as well.

    The internet zone is just everything else that you don't include in the trusted zone.

    Okay now I'll show my complete ignorance - what do you mean by your statement - which is in italics above?

    More questions - Why do they give the option of Internet zone? What is it used for? When would I put something in that zone? Now I am on a roll - lots of questions!

    <img src=/S/thankyou.gif border=0 alt=thankyou width=40 height=15>


    "Peace begins with a smile. "-- Mother Teresa

  7. #7
    Bronze Lounger IanWilson's Avatar
    Join Date
    Dec 2000
    Location
    Bristol, United Kingdom
    Posts
    1,523
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Firewall - Trusted vs. Internet

    <hr>The internet zone is just everything else that you don't include in the trusted zone.<hr>
    I just mean that the two other computers on your home network are the trusted zone. The rest of the world is the internet zone.
    <hr>Why do they give the option of Internet zone? What is it used for? When would I put something in that zone?<hr>
    They give the option so that you can apply stricter security to the rest of the world - I don't want you (no offence - nor anyone else outside my household either!) getting access to the files on my hard disk. That's why I use a firewall. You don't put anything in the internet zone. It is where every computer in the world is, apart from those you have put in your trusted zone.

    Ian

  8. #8
    Bronze Lounger
    Join Date
    Feb 2001
    Posts
    1,424
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Firewall - Trusted vs. Internet

    Thanks for your reply and no offense taken. <img src=/S/smile.gif border=0 alt=smile width=15 height=15> I wouldn't want anyone snooping through my stuff either! <img src=/S/laugh.gif border=0 alt=laugh width=15 height=15> I think I have my firewall set up pretty much the way I want it now and feel better about it - at least until I think up more questions! <img src=/S/grin.gif border=0 alt=grin width=15 height=15> And after doing some more reading of the posted information in the Lounge, I think I'll add back in my DNS and DHCP IPs to the trusted zone as well - based on this <post:=543,867>post 543,867</post:> of Rebel's. These two entries were puzzling me too because I didn't know which way they needed to be - "Trusted or Internet" but it looks like "Trusted" is where they should be placed. <img src=/S/thumbup.gif border=0 alt=thumbup width=15 height=15>

    Thanks again for clearing up some of my questions! <img src=/S/yep.gif border=0 alt=yep width=15 height=15>


    "Peace begins with a smile. "-- Mother Teresa

  9. #9
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts

    Re: Firewall - Trusted vs. Internet

    Trusting all PCs in your private address range is okay unless you have a wireless access point. Then you might want to be less trusting because of the possibility that a stranger could connect into your private address range. Using WPA (Pre-shared Key) and a strong password on your wireless access point should limit the risk of that. And using a password on any shared folders also is a good idea. Finally, closing off any ports that locals don't need to access also is a good idea. I don't know how you do that in ZA/eTrust, but another user probably could tell you.

  10. #10
    Bronze Lounger
    Join Date
    Feb 2001
    Posts
    1,424
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Firewall - Trusted vs. Internet

    I do have my wireless protected with a password so I feel fairly comfortable about it, never complacent though! And I decided to give both computers a Shields Up test. They passed - all stealth. And at last, I am finally able to see both the PC and the MAC. The only other thing I need to figure out is how to password protect shared folders. The sharing and permissions dialog box is a lot different than what I was used to on the Windows NT box (I'm using XP Pro now) I'm wondering if that is because I need to look into the Local Security Settings and change something in there? Anyway, I am further along than I was!
    <img src=/S/thankyou.gif border=0 alt=thankyou width=40 height=15>


    "Peace begins with a smile. "-- Mother Teresa

  11. #11
    Plutonium Lounger
    Join Date
    Nov 2001
    Posts
    10,550
    Thanks
    0
    Thanked 7 Times in 7 Posts

    Re: Firewall - Trusted vs. Internet

    > I do have my wireless protected with a password so I feel fairly comfortable about it,

    There are a number of different ways to protect a wireless network with a password. Some of these are fairly secure, others are fairly easy to crack. If you are using WEP then a hacker simply needs to log packets for a few hours to be able to find your password. Depending on where your network is, and how many hackers are likely to be interested, this may be an acceptable level of risk.

    StuartR

  12. #12
    Plutonium Lounger
    Join Date
    Oct 2001
    Location
    Lexington, Kentucky, USA
    Posts
    12,107
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Firewall - Trusted vs. Internet

    When I was ready to 'come back' to the free ZA product I read someplace on their web pages that as part of the installation you should make sure that your LAN is entered as trusted. Not sure where I found it and this is the best I can do right now: Zone Labs: Service & Support. I also had to add the two DNS IP addresses of my cable ISP to stop ZA from giving me warnings. I guess my cable guy (ISP) is polling my machine to see if I'm still here. I never checked it out any further, so I don't know if I made a boo-boo or not.

    <IMG SRC=http://download.zonelabs.com/bin/media/images/zasc/quick_tip_box.gif>

  13. #13
    Bronze Lounger
    Join Date
    Feb 2001
    Posts
    1,424
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Firewall - Trusted vs. Internet

    Hi SuartR - We live on a fairly busy state highway with the nearest neighbor being about a quarter of a mile away so I don't "think" I'll have any problems with someone hacking in. Of course I realize that nothing is impossible anymore.

    While looking at my router settings, I see there is a place where I can limit access by requiring the MAC address of that computer, and then the computer must also have the correct SSID and WEP settings to be able to access my wireless connection. At least this is what I understand about it as I read through the descriptive information?

    There is also an area where I can turn off SSID Broadcasting, which I have done. And lastly I guess I could hard wire this computer instead of using the wireless feature since it is a desktop and sits quite close to the router. I was experimenting with the features of wireless and how it actually works! Plus it is nice to eliminate at least one cable from the mess. <img src=/S/smile.gif border=0 alt=smile width=15 height=15>


    "Peace begins with a smile. "-- Mother Teresa

  14. #14
    Bronze Lounger
    Join Date
    Feb 2001
    Posts
    1,424
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Firewall - Trusted vs. Internet

    Hi Al,

    Thanks for the clarification about Trusted versus Internet. I really didn't understand the difference between the two selections or what the benefit of one over the other would be. But I think, "I've got it" now. This whole business of router and firewall protection and proper set up can be complicated and confusing. Thankfully, I have an excellent place to come and ask questions and I always appreciate the super help that is given! <img src=/S/thumbup.gif border=0 alt=thumbup width=15 height=15>


    "Peace begins with a smile. "-- Mother Teresa

  15. #15
    Plutonium Lounger
    Join Date
    Nov 2001
    Posts
    10,550
    Thanks
    0
    Thanked 7 Times in 7 Posts

    Re: Firewall - Trusted vs. Internet

    It is worth turning off the SSID broadcast, as this will prevent people running standard Windows software from seeing your network. The SSID would still be available to anyone running a linux system with a wireless "sniffer".

    It really isn't worth enabling MAC address filtering. Even standard Windows systems allow people to transmit a fake MAC address, and it is easy to pick these up with the same "sniffer".

    The best change you could make, if your Network Access Point supports it, is to enable WPA encryption instead of WEP.

    regards,

    StuartR

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •