Allow
the program to connect to computers in the Internet Zone / Trusted Zone| A | B | C | D | E | F | G | H | I | J | K | L |
| M | N | O | P | Q | R | S | T | U | V | W | XYZ |
access permission
Access permission allows a program on your computer to initiate communications
with another computer. This is distinct from server permission, which allows
a program to "listen" for connection requests from other computers.
You can give a program access permission for the Trusted Zone, the Internet
Zone, or both.
Several common applications may need access permission to operate normally. For example, your browser needs access permission in order to contact your ISP's servers. Your e-mail client (for example, MS Outlook) needs access permission in order to send or receive e-mail.
The following basic options are available for each program:
Allow
the program to connect to computers in the Internet Zone / Trusted Zone
Block the program from accessing computers in the Internet Zone / Trusted
Zone
Ask whether the program should have access permission (show Repeat
Program alert)
act as a server
A program acts as a server when it "listens" for connection requests
from other computers. Several common types of applications, such as chat programs,
e-mail clients, and Internet Call Waiting programs, may need to act as servers
to operate properly. However, some hacker programs act as servers to listen
for instructions from their creators.
ZoneAlarm Pro prevents programs on your computer from acting as servers unless you grant server permission.
ActiveX control
Based on Microsoft's ActiveX technology, these controls are mostly used to embed
interactive elements (buttons, checkboxes, etc.) in Web pages. Because they
have full access to the Windows operating system, malicious ActiveX controls
can be dangerous.
ad blocking
A ZoneAlarm Pro feature that enables you to block banner, pop-up and other types
of advertisements.
Advanced Program Control
Advanced Program Control tightens your security by preventing unknown programs from using trusted programs to access the Internet.
This is an advanced security feature intended to prevent malicious programs from hijacking trusted programs. However, some legitimate programs use indirect access. By default, the most common of these programs (listed below) are given permission to access the Internet indirectly without informing you.
By default, the following applications are allowed to use other programs to access the Internet:
AlertAdvisor
Zone Labs AlertAdvisor is an online utility that enables you to instantly analyze
the possible causes of an alert, and helps you decide whether to respond Yes
or No to a Program alert. To use AlertAdvisor, click the More Info button
in an alert pop-up. ZoneAlarm Pro sends information about your alert to AlertAdvisor.
AlertAdvisor returns an article that explains the alert and gives you advice
on what, if anything, you need to do to ensure your security.
animated ad
An advertisement that incorporates moving images.
banner ad
An ad that appears in a horizontal banner across a Web page.
Blocked Zone
The Blocked Zone contains computers you want no contact with. ZoneAlarm Pro
prevents any communication between your computer and the machines in this Zone.
component
A small program or set of functions that larger programs call on to perform
specific tasks. Some components may be used by several different programs simultaneously.
Windows operating systems provide many component DLLs (Dynamic Link Libraries)
for use by a variety of Windows applications.
cookie
A small data file used by a Web site to customize content, remember you from
one visit to the next, and/or track your Internet activity. While there are
many benign uses of cookies, some cookies can be used to divulge information
about you without your consent.
cookie control
A ZoneAlarm Pro feature that enables you to block the use of all cookies, or
specific types of cookies, thus protecting you from "data leaks" stemming
from cookie use.
DHCP (Dynamic Host Configuration Protocol)
A protocol used to support dynamic IP addressing. Rather than giving you a static
IP address, your ISP may assign a different IP address to you each time you
log on. This allows the provider to serve a large number of customers with a
relatively small number of IP addresses.
DHCP (Dynamic Host Configuration Protocol) broadcast/multicast
A type of message used by a client computer on a network that uses dynamic IP
addressing. When the computer comes online, if it needs an IP address, it issues
a broadcast message to any DHCP servers which are on the network. When a DHCP
server receives the broadcast, it assigns an IP address to the computer.
dial-up connection
Connection to the Internet using a modem and an analog telephone line. The modem
connects to the Internet by dialing a telephone number at the Internet Service
Provider's site. This is in distinction to other connection methods, such as
Digital Subscriber Lines, that do not use analog modems and do not dial telephone
numbers.
DLL (Dynamic Link Library)
A library of functions that can be accessed dynamically (that is, as needed)
by a Windows application.
DNS (Domain Name System)
A data query service generally used on the Internet for translating host names
or domain names (like www.yoursite.com) into Internet addresses (like 123.456.789.0).
embedded object
An object such as a sound file or image file that is embedded in a Web page.
(no entries)
gateway
In networking, a combination of hardware and software that links two different
types of networks. For example, if you are on a home or business Local Area
Network (LAN), a gateway enables the computers on your network to communicate
with the Internet.
gateway enforcement
A setting in the Advanced dialog of the Firewall panel. It enables a compatible
gateway device to make sure that ZoneAlarm Pro is installed on all machines
accessing the Internet through it.
high-rated alert
An alert that is likely to have been caused by hacker activity. High-rated Firewall
alerts display a red band at the top of the alert pop-up. In the Log Viewer,
you can see if an alert was high-rated by looking in the Rating column.
HTTP referrer header field
An optional field in the message that opens a Web page, containing information
about the "referring document." Properly used, this field helps webmasters
administer their sites. Improperly used, it can divulge your IP address, your
workstation name, login name, or even (in a poorly-implemented e-commerce site)
your credit card number. By selecting Remove Private Header information in the
Cookies tab, you prevent this header field from transferring any information
about you.
ICMP (Internet Control Messaging Protocol)
An extension of the Internet Protocol that supports error control and informational
messages. The "ping" message is a common ICMP message used to test
an Internet connection.
ICS (Internet Connection Sharing)
ICS is a service provided by the Windows operating system that enables networked
computers to share a single connection to the Internet.
Internet Zone
The Internet Zone contains all the computers in the world—except those
you have added to the Trusted Zone or Blocked Zone.
ZoneAlarm Pro applies the strictest security to the Internet Zone, keeping you safe from hackers. Meanwhile, the medium security settings of the Trusted Zone enable you to communicate easily with the computers or networks you know and trust—for example, your home network PCs, or your business network.
IP address
The number that identifies your computer on the Internet, as a telephone number
identifies your phone on a telephone network. It is a numeric address, usually
displayed as four numbers between 0 and 255, separated by periods. For example,
172.16.100.100 could be an IP address.
Your IP address may always be the same. However, your Internet Service Provider (ISPs) may use Dynamic Host Configuration Protocol (DHCP) to assign your computer a different IP address each time you connect to the Internet.
ISP (Internet Service Provider)
A company that provides access to the Internet. ISP's provide many kinds of
Internet connections to consumers and business, including dial-up (connection
over a regular telephone line with a modem), high-speed Digital Subscriber Lines
(DSL), and cable modem.
JavaScript
A popular scripting language that enables some of the most common interactive
content on Web sites. Some of the most frequently used JavaScript functions
include Back and History links, changing images on mouseover, and opening and
closing browser windows. ZoneAlarm Pro default settings allow JavaScript because
it is so common and because most of its uses are harmless.
(no entries)
(no entries)
mail server
The remote computer from which the e-mail program on your computer retrieves
e-mail messages sent to you.
MD5 signature
A digital "fingerprint" used to verify the integrity of a file. If
a file has been changed in any way (for example, if a program has been compromised
by a hacker), its MD5 signature will change as well.
medium-rated alert
An alert that was probably caused by harmless network activity, rather than
by a hacker attack.
MIME-type integrated object
An object such as an image, sound file, or video file that is integrated into
an e-mail message. MIME stands for Multipurpose Internet Mail Extensions..
mobile code
Executable content that can be embedded in Web pages or HTML e-mail. Mobile
code helps make Web sites interactive, but malicious mobile code can be used
to modify or steal data, and for other malevolent purposes.
mobile code control
A ZoneAlarm Pro feature that enables you to block active controls and scripts
on the Web sites you visit. While mobile code is common on the Internet and
has many benign uses, hackers can sometimes use it for malevolent purposes.
More Info button
A button that appears in ZoneAlarm Pro alerts. By clicking it, you submit information
about the alert to Zone Labs' Alert Advisor, which then displays a Web page
with an analysis of the alert.
NetBIOS (Network Basic Input/Output System)
A program that allows applications on different computers to communicate within
a local network. By default, ZoneAlarm Pro allows NetBIOS traffic in the Trusted
Zone, but blocks it in the Internet Zone. This enables file sharing on local
networks, while protecting you from NetBIOS vulnerabilities on the Internet.
(no entries)
packet
A single unit of network traffic. On "packet-switched" networks like
the Internet, outgoing messages are divided into small units, sent and routed
to their destinations, then reassembled on the other end. Each packet includes
the IP address of the sender, and the destination IP address and port number.
pass-lock
When the Internet Lock is engaged, programs given pass-lock permission can continue
accessing the Internet. Access permission and server permission for all other
programs is revoked until the lock is opened.
persistent cookie
A cookie put on your hard drive by a Web site you visit. These cookies can be
retrieved by the Web site the next time you visit. While useful, they create
a vulnerability by storing information about you, your computer, or your Internet
use in a text file.
ping
A type of ICMP message (formally "ICMP echo") used to determine whether
a specific computer is connected to the Internet. A small utility program sends
a simple "echo request" message to the destination IP address, and
then waits for a response. If a computer at that address receives the message,
it sends an "echo" back. Some Internet providers regularly "ping"
their customers to see if they are still connected.
pop-under ad
An ad that appears in a new browser window that opens under the window you're
looking at, so you don't see the ad until you close the original browser window.
pop-up ad
An ad that appears in a new browser window that 'pops up' in front of the window
you're looking at.
port
A channel in or out of your computer. Some ports are associated with standard
network protocols; for example, HTTP (Hypertext Transfer Protocol) is traditionally
addressed to port 80. Port numbers range from 1 to 65535.
port scan
A technique hackers use to find unprotected computers on the Internet. Using
automated tools, the hacker systematically scans the ports on all the computers
in a range of IP addresses, looking for unprotected or "open" ports.
Once an open port is located, the hacker can use it as an access point to break
in to the unprotected computer.
Privacy Advisor
A small display that shows you when ZoneAlarm Pro blocks cookies or mobile code,
and enables you to un-block those elements for a particular page.
product update service
Zone Labs subscription service that provides free updates to ZoneAlarm Pro.
When you purchase ZoneAlarm Pro, you automatically receive a year's subscription
to product update service.
program authentication
When a program on your computer asks for Internet access, ZoneAlarm Pro examines
its recorded MD5 checksum to verify that it has not been tampered with since
its last request. You can set ZoneAlarm Pro to authenticate only the program
itself, or the program and the shared components (such as DLLs) it uses.
programs list
The list of programs to which you can assign Internet access and server permissions.
The list is shown in the Programs tab of the Program Control panel. You can
add programs to the list, or remove programs from it.
protected system files
Windows system components that are guarded by Windows File Protection. Built
in to Windows 2000 and later, file protection keeps other programs from replacing
system files with anything but Microsoft-certified updates.
protocol
A standardized format for sending and receiving data. Different protocols serve
different purposes; for example SMTP (Simple Mail Transfer Protocol) is used
for sending e-mail messages; while FTP (File Transfer Protocol) is used to send
large files of different types. Each protocol is associated with a specific
port, for example, FTP messages are addressed to port 21.
quarantine
ZoneAlarm Pro's MailSafe quarantines incoming e-mail attachments whose filename
extensions (for example, .EXE or .BAT) indicate the possibility of auto-executing
code. By changing the filename extension, quarantining prevents the attachment
from opening without inspection. This helps protect you from worms, viruses,
and other malware that hackers distribute as e-mail attachments.
(no entries)
script
A series of commands that execute automatically, without the user intervening.
These usually take the form of banners, menus that change when you move your
mouse over them, and popup ads.
server permission
Server permission allows a program on your computer to "listen" for
connection requests from other computers, in effect giving those computers the
power to initiate communications with yours. This is distinct from access permission,
which allows a program to initiate a communications session with another computer.
Several common types of applications, such as chat programs, e-mail clients, and Internet Call Waiting programs, may need server permission to operate properly. Grant server permission only to programs you're sure you trust, and that require it in order to work.
If possible, avoid granting a program server permission for the Internet Zone. If you need to accept incoming connections from only a small number of machines, add those machines to the Trusted Zone, and then allow the program server permission for the Trusted Zone only.
The following basic options are available for each program
Allow
the program to listen for connection requests
Block the program from listening for connection requests
Ask me whether to allow the program to listen for connection requests
(show Server Program alert)
session cookie
A cookie stored in your browser\'s memory cache that disappears as soon as you
close your browser window. These are the safest cookies because of their short
life-span.
skyscraper ad
An ad that appears in a vertical column along the side of a Web page.
stealth mode
When ZoneAlarm Pro puts your computer in stealth mode, any uninvited traffic
receives no response--not even an acknowledgement that your computer exists.
This renders your computer invisible to other computers on the Internet, until
permitted program on your computer initiates contact.
third party cookie
A persistent cookie that is placed on your computer, not by the Web site you
are visiting, but by an advertiser or other \'third party.\' These cookies are
commonly used to deliver information about your Internet activity to that third
party.
Trojan horse
A malicious program that masquerades as something useful or harmless, such as
a screen saver. Some Trojan horses operate by setting themselves up as servers
on your computer, listening for connections from the outside. If a hacker succeeds
in contacting the program, he can effectively take control of your computer.
This is why it's important to only give server permission to programs you know
and trust. Other Trojan horses attempt to contact a remote address automatically.
TrueVector security engine
The primary component of ZoneAlarm Pro security. It is the TrueVector engine
that examines Internet traffic and enforces security rules.
Trusted Zone
The Trusted Zone contains computers you trust want to share resources with.
For example, if you have three home PCs that are linked together in an Ethernet network, you can put each individual computer or the entire network adapter subnet in the ZoneAlarm Pro Trusted Zone. The Trusted Zone's default medium security settings enable you to safely share files, printers, and other resources over the home network. Hackers are confined to the Internet Zone, where high security settings keep you safe.
(no entries)
Virtual Private Network (VPN)
A network that is constructed by using public wires to connect nodes. When using
VPN over the Internet, encryption and other security mechanisms are used to
ensure that only authorized users can access the network and the data.
web bug
An image file, often 1x1 pixel, designed to monitor visits to the page (or HTML
e-mail) containing it. Web bugs are used to find out what advertisements and
Web pages you have viewed.
(no entries)