Confused about firewall

I access the internet through a home wireless network which connects through
a router to a cable modem. The wlan (just 3 PCs running XP Home) is
protected with WPA encryption and each PC has XP's firewall turned off but
has ZoneAlarm free in effect (as well as virus checkers, malware checkers,
etc.).

But I am confused about what to put in the Zone Alarm's "zones" because I
noticed that on one PC the only things in the zones area are:
a) the network adapters which are listed as being in the "Internet Zone"
b) the loopback adapter which is listed in the "Trusted zone".
**None of the ip addresses of the other two PCs are listed nor the router
gateway ip.

Yet on another one of the networked PCs, the ip addresses of the other PCs
are listed! I think that happened because I noticed in the alert list that
some attempts to contact them had been "blocked" by ZA and since they were
known ips I added them to my "trusted zone".

So I am confused! Are the additions of the ip addresses of the networked PCs
into the trusted zone necessary or unnecessary? Harmful or irrelevant? Why
would ZA have blocked some attempts to contact my networked PCs while
obviously letting the huge majority to go through (since the network works
fine).

Just confused <grin> and any help would be appreciated.

Jeff

Jeff

Hi

Bear in mind that though the same word Security is used to describe Secure
Internet Connection and Secure Wireless from a Computer functioning
perspective there is No relation between the two.

Wireless Security has Nothing to do with securing the Internet Connection.

Wireless is just a replacement for a Wire and thus can be intercepted by
people in the neighborhood attaching them self to your Signal and use your
LAN and your LAN's Internet Connection. To avoid Local Tapping there are
Wireless Security measures. These measures are unique to the Wireless
components, and have to be used even if there is No Internet Connection.

Cable/DSL Router Hardware NAT and Software Firewall/AntiVirus/AntiSpy
applications are the ones that protect the Internet connection from being
invaded/infested, and preventing your LAN computers (Wired and Wireless)
from transmitting out to the Internet privileged information.

All the computers (as a Network) would have basic Internet protection by
using a Cable/DSL Router. In addition, each computer on your Network that
has access to the Internet should have its own Internet Connection
protection regardless of whether it is Wired or Wireless.

Many Software Firewalls by default to block the Local (LAN) traffic as well.

In order to share Files and other resources the Software Firewall has to be
tuned to let the local computers passage Free through the Firewall.

May be this can Help, http://www.ezlan.net/faq#trusted

Successful Sharing involves some general consideration in Network settings,
http://www.ezlan.net/sharing.html

As well as specific adjustment of each computer according to what is allowed
to be shared.

http://support.microsoft.com/default...b;en-us;304040

Jack (MVP-Networking).


"Jeff" <> wrote in message
news:e1X$$...
>I access the internet through a home wireless network which connects
>through a router to a cable modem. The wlan (just 3 PCs running XP Home) is
>protected with WPA encryption and each PC has XP's firewall turned off but
>has ZoneAlarm free in effect (as well as virus checkers, malware checkers,
>etc.).
>
> But I am confused about what to put in the Zone Alarm's "zones" because I
> noticed that on one PC the only things in the zones area are:
> a) the network adapters which are listed as being in the "Internet Zone"
> b) the loopback adapter which is listed in the "Trusted zone".
> **None of the ip addresses of the other two PCs are listed nor the router
> gateway ip.
>
> Yet on another one of the networked PCs, the ip addresses of the other PCs
> are listed! I think that happened because I noticed in the alert list that
> some attempts to contact them had been "blocked" by ZA and since they were
> known ips I added them to my "trusted zone".
>
> So I am confused! Are the additions of the ip addresses of the networked
> PCs into the trusted zone necessary or unnecessary? Harmful or
> irrelevant? Why would ZA have blocked some attempts to contact my
> networked PCs while obviously letting the huge majority to go through
> (since the network works fine).
>
> Just confused <grin> and any help would be appreciated.
>
> Jeff
>

Jack \(MVP-Networking\).

Dear Jack

Thank you very much for the explanations. You are correct I did not
distinguish clearly in my mind the 2 different aspects of Security. This
helps.

The reason I was looking into the subject is that although I have not
detected any problems with a PC accessing specifically shared files on
another computer in my home wlan, one PC (the one that has the minimal ip
entries I listed) has had intermittent trouble accessing the internet. Do
you think that may be because the gateway or router ip is not specifically
listed in the trusted zone of that PC? Especially that PC sometimes connects
with the internet fine and then seems to be in the "server not found" mode
until I reboot it after which it connects well for a while. I was ready to
go out and buy a replacement cable modem since I was told that that may be
the sign of a cable modem going bad. However I always suspected a
configuration or timeout problem might be at fault though the intermittent
nature of the problem stumped me.

Jeff

"Jack (MVP-Networking)." <> wrote in message
news:...
> Hi
>
> Bear in mind that though the same word Security is used to describe Secure
> Internet Connection and Secure Wireless from a Computer functioning
> perspective there is No relation between the two.
>
> Wireless Security has Nothing to do with securing the Internet Connection.
>
> Wireless is just a replacement for a Wire and thus can be intercepted by
> people in the neighborhood attaching them self to your Signal and use your
> LAN and your LAN's Internet Connection. To avoid Local Tapping there are
> Wireless Security measures. These measures are unique to the Wireless
> components, and have to be used even if there is No Internet Connection.
>
> Cable/DSL Router Hardware NAT and Software Firewall/AntiVirus/AntiSpy
> applications are the ones that protect the Internet connection from being
> invaded/infested, and preventing your LAN computers (Wired and Wireless)
> from transmitting out to the Internet privileged information.
>
> All the computers (as a Network) would have basic Internet protection by
> using a Cable/DSL Router. In addition, each computer on your Network that
> has access to the Internet should have its own Internet Connection
> protection regardless of whether it is Wired or Wireless.
>
> Many Software Firewalls by default to block the Local (LAN) traffic as
> well.
>
> In order to share Files and other resources the Software Firewall has to
> be tuned to let the local computers passage Free through the Firewall.
>
> May be this can Help, http://www.ezlan.net/faq#trusted
>
> Successful Sharing involves some general consideration in Network
> settings, http://www.ezlan.net/sharing.html
>
> As well as specific adjustment of each computer according to what is
> allowed to be shared.
>
> http://support.microsoft.com/default...b;en-us;304040
>
> Jack (MVP-Networking).
>
>
> "Jeff" <> wrote in message
> news:e1X$$...
>>I access the internet through a home wireless network which connects
>>through a router to a cable modem. The wlan (just 3 PCs running XP Home)
>>is protected with WPA encryption and each PC has XP's firewall turned off
>>but has ZoneAlarm free in effect (as well as virus checkers, malware
>>checkers, etc.).
>>
>> But I am confused about what to put in the Zone Alarm's "zones" because I
>> noticed that on one PC the only things in the zones area are:
>> a) the network adapters which are listed as being in the "Internet Zone"
>> b) the loopback adapter which is listed in the "Trusted zone".
>> **None of the ip addresses of the other two PCs are listed nor the router
>> gateway ip.
>>
>> Yet on another one of the networked PCs, the ip addresses of the other
>> PCs are listed! I think that happened because I noticed in the alert list
>> that some attempts to contact them had been "blocked" by ZA and since
>> they were known ips I added them to my "trusted zone".
>>
>> So I am confused! Are the additions of the ip addresses of the networked
>> PCs into the trusted zone necessary or unnecessary? Harmful or
>> irrelevant? Why would ZA have blocked some attempts to contact my
>> networked PCs while obviously letting the huge majority to go through
>> (since the network works fine).
>>
>> Just confused <grin> and any help would be appreciated.
>>
>> Jeff
>>
>
>

Jeff