Digital Payag

I based this guide from the popular ZoneAlarm Pro firewall

1. First and foremost you should enable all of the available features of the software firewall.

2. Allow only those trusted software & services to gain permanent access to the internet.

Trusted softwares like your Antivirus, Firewall and other anti-intrusion tools.

3. Set your untrusted programs to “always ask” before allowing it to access the web.

Untrusted programs like your instant messenger, ftp software, web browser and your file sharing tools.

I label these programs as untrusted because these are the programs suseptible to attack/control from the outside.

Setting these programs to “always ask” allows you to monitor efficiently each of its own activities.

4. Make it a habit to read & analyze the alert prompts to avoid mistakes that could make your machine vulnerable. We should remember that common attacks these days are done using legitimate techniques which are far more dangerous than the older methods used.

Take for example the ff scenarios:

RAT (Remote Access Trojans) can probe IRC ports to establish a connection without the user’s knowledge.
This happens when the users infected IRC client is given priviledge to access the internet if his firewall is misconfigured.

FTP software can also establish a connection without the user’s knowledge and can allow intruders to control your machine if left unattended.

A spyware infected browser can establish a connection if given the opportunity to do so and who knows what damage that could bring.

All of this is possible if your firewall is misconfigured deliberately or by mistake.

5. Last but not the very least is to keep your Firewall software updated to keep those intruders at bay.

Always remember that there is no absolute security, just some preventive measures that can help you minimize the chance of being intruded or exploited.

Meet our new friend Billy. He’s light and uber cool. He’s way better than our old friend Wimpy and Foo. You know why? Its because he can play your entire mp3 directory without a single glitch and he loads 3 times faster than Wimpy. Very stable unlike foo. And thats not all! There’s more about Billy. Here’s some surprising facts about our new friend.

He has this uber cool moves yet very simple to learn.

e.g:

tab - next song
spacebar - pause
insert - queue
pause - soft mute (this is my favorite)

Heres more…

He only uses 2mb when minimized and he can load 1000 mp3 files in a second. He doesnt have any spyware on his system thats because you can befriend him for only 665 KB download. So..Are you happy to meet our new friend Billy?

Open your ZoneAlarm Pro interface

Go to your Overview section and select the Preferences tab

set ZoneAlarm to hide your IP when applicable. hiding your IP gives you an extra layer of anonymity.

Next go to your Firewall section and select the Main tab

Set the Internet Zone Security to High then click the custom button

Under the Trusted Zone and Internet Zone tab check the following security settings

Block incoming NetBios (ports 135,37-9, 445)

Block incoming ping (ICMP Echo)

Block other incoming ICMP

Block incoming IGMP

click apply then click ok

Dont forget to click the Advace button below the Blocked Zone Security. It has a number of useful security features.

Click the Advance button

Check Enable ARP protection

Check Filter IP traffic over 1394

Check lock hosts file

Uncheck Disable Windows Firewall

As we move forward. Go to your Program Control area.

Under the main tab choose the settings that best works for you.

If you want to set full protection and receive lots of pop-up notification from ZoneAlarm, adjust the nav bar to High. This is for those security sensitive type of users.

If you want to be secured without receiving lots of pop-up notification, adjust the nav bar to Medium. For me I believe this is the recommended setting.

I dont recommend you set the Program Control below the medium security level coz from the looks of it. This option will only make your pc vulnerable to local attacks coming from malicious softwares.

This is what you’ll get when you set it below medium security level

your program control is in Learning Mode

your OSfirewall is turned OFF which is not a good option

your component control is disabled

and it will also automatically disable your Smartdefense Advisor

Next go to your Programs tab

Review all of your programs

Enable the privacy in each of your untrusted programs. Programs like

Internet Browser

Instant Messenger

P2P clients

1. Right click on each untrusted programs and select Options…
2. Under Filter Options check Enable Privacy for this program.
3. Click Ok to apply

Next go to your Spyware section and turn the Anti-spyware ON

Select the Anti-virus monitoring and turn OFF monitoring. This feature is useless specially if your firewall cannot detect your AV. Its just a waste of resources.

Under the Email Protection section

Enable both inbound and outbound mailsafe protection

Next go to your Privacy Section

Under the Main tab

Set the Ad Blocking to High and then disable the Mobile Code. Some websites wont display correctly if you enable the mobile control.

I found out that running Yahoo Messenger behind a software firewall requires me to allow this file YMSGR_TRAY.EXE to connect to the internet in order for my YM to work or else it would just keep on logging in endlessly. Weird but I encountered this problem using this build (Beta) 7.5.0.647 on a Windows XP professional platform.

more info:

Product name
File name C:\PROGRAM FILES\Yahoo!\MESSENGER\YMSGR_TRAY.EXE
Last policy update Not applicable
Version
Last modified date 3/21/2006 16:58:16
File size 88 KB


Many of us are not aware that the Bitdefender 8 Free Edition log file can reach 30mb or more in size if not set properly.

The AV’s vscan.log file is normally located at this path

C:\Program Files\Softwin\BitDefender8

Open the vscan.log using notepad then press ctrl+A+Delete to erase all of the existing log entries. Save the file to refresh the file from its existing file size to zero (0) kb.