Setting general security options

These controls apply global rules regarding certain protocols, packet types and other forms of traffic (such as server traffic) to both the Trusted Zone and the Internet Zone.

To modify general security settings:

  1. Select Firewall.
  2. Click Advanced.
  3. In the General area, choose your security settings.
    Block all fragments
    Blocks all incomplete (fragmented) IP data packets. Hackers sometimes create fragmented packets to bypass or disrupt network devices that read packet headers.
    Caution: If you select this option, ZoneAlarm security software will silently block all fragmented packets without alerting you or creating a log entry. Do not select this option unless you are aware of how your online connection handles fragmented packets.
    Block trusted servers
    Prevents all programs on your computer from acting as servers to the Trusted Zone. Note that this setting overrides permissions granted in the Programs panel.
    Block Internet servers
    Prevents all programs on your computer from acting as servers to the Internet Zone. Note that this setting overrides permissions granted in the Programs panel.
    Enable ARP protection
    Blocks all incoming ARP (Address Resolution Protocol) requests except broadcast requests for the address of the target computer. Also blocks all incoming ARP replies except those in response to outgoing ARP requests.
    Allow VPN Protocols
    Allows the use of VPN protocols (ESP, AH, GRE, SKIP) even when High security is applied. With this option disabled, these protocols are allowed only at Medium security.
    Allow uncommon protocols at high security
    Allows the use of protocols other than ESP, AH, GRE, and SKIP, at High security.
    Lock hosts file
    Prevents your computer's hosts file from being modified by hackers through sprayer or Trojan horses. Because some legitimate programs need to modify your hosts file in order to function, this option is turned off by default.
    Disable Windows Firewall
    Detects and disables Windows Firewall. This option will only appear if you are using Windows XP with Service Pack 2.
    Filter IP over 1394 traffic
    Filters FireWire traffic. You will need to restart your PC for these filter changes to take effect.
  4. Click OK.

Some features are only in select versions of the product: find out which features you have

www.zonealarm.com

 

Copyright © 2008 Check Point Software LTD