
Firewalls (Rant Then a Question)


Karyk
01-16-05, 08:27 PM
I'm about ready to just rely on the new Windows SP2 firewall. :rolleyes:

I've been using ZoneAlarm for years, but their last major upgrade left me with issues where I couldn't connect after extended periods of inactivity.

So I switched to McAfee because it seemed okay on my HTPC, but it contains ActiveX code (and its Security Center requires IE to be configured to allow ActiveX to run), which personally I just don't like. Also, it alerted me to a lot of things that simply were not necessary to be alerted to.

So today I switched to Norton Firewall. I'd tried the very first version of it and didn't care for it at all. I still don't care for it. But before I lay down the dollars for a new version of ZA which might still have the same bug (I don't qualify for the free version on the machine at issue), maybe I'm missing something about Norton, so here are three questions:

1. Is there any way to restrict a program to only inbound access? Both ZA and McAfee allow this (although McAfee with descriptors that seem backward). I don't see it at all with Norton.

2. Is there any way to pre-configure a component of a program so that you're notified of components doing things, but only when they are new components? (Stated differently, can components either be configured to be accepted or rejected in advance?) If I have component notification turned on I get a warning that Windows Messenger is attempting to do something every 30 seconds. It's annoying, so I have to turn off component notification. Unlike the program control box that pops up, there doesn't seem to be an option for always allow or always block.

3. Is there any way to make sure a new program is added? I found out from looking at a log that it was blocking my version of Ad-Watch, but there was nothing in the program indicating it had ever been accessed.

Karyk
01-17-05, 12:34 AM
I found the answer to the first question. It's in the program area--select the program, then change "automatic" to custom and then select connections.

Also, I remembered another reason I didn't like McAfee. It seemed to cheat on GRC.COM's leaktest--recognizing it rather than allowing the program to test it. Neither ZA nor Norton seem to do that.

Les Auber
01-17-05, 02:16 PM
Actually the SP2 softwall is the first one I'd tried that wasn't a total PITA. Consequently I've left it active. I haven't tried Norton or McAfee but BlackIce and ZA kept trying to block access to other computers in the network. Seemed like every other day I'd have to fuss to let them see each other again. As a result I'd relied on the hardwall in my gateway router as it was incoming stuff I was more worried about. This never seemed to result in any problems. When SP2 came along with the firewall on by default and it didn't seem to cause problems I left it on.

urfthewog
01-17-05, 08:02 PM
FWIW, I use ZA and use static IP addresses that I add into the Trusted Zone. I also ended up using LMHOSTS files (a list of the IP addresses and computer names) because I was having problems connecting W2K Pro and XP Pro machines due to them fighting over which one wanted to be the Master Browser - whatever - they all work happy now.

I'm still a bit leery of trusting m$ firewall. I turned it off. I like being able to see what's going on.

Karyk
01-18-05, 08:20 AM
Originally posted by Les Auber
I haven't tried Norton or McAfee but BlackIce and ZA kept trying to block access to other computers in the network.

Actually, one of my concerns is that Norton isn't blocking other computers in the network. I only use networking for Internet access--I don't want my computers to be able to see one another, for I figure that just means it's more likely that other computers off the network can see things on my computer. But I'm extra paranoid in that regard. I also think ActiveX, Flash, Java, etc. make it more likely other computers can do things I don't like, so they are severely restricted (or non-existent on my computer) also.