Free utility guards against spyware
July 20, 1999
by Stan Miastkowski
(IDG) -- When you consider the dreaded Back Orifice, Trojan horses, and other computer viruses, working with your PC -- especially when it's connected to the Web -- can sometimes seem so hazardous an occupation that one might be tempted to return to the quill pen and inkwell.
Back Orifice and the earlier Melissa virus are considered "spyware" because, in broad terms, they infiltrate your PC, take from it (such as a list of e-mail addresses), and transmit your information the next time you connect to the Internet. Zone Laboratories has released a free utility designed to protect against spyware, by preventing applications from accessing the Internet without your explicit permission.
ZoneAlarm, a 1MB download, is available now on the Zone Laboratories Web site. It runs on Windows 95, 98, and NT.
The other side of the firewall
In many ways, ZoneAlarm works as a reverse firewall. Although the developer says it can detect and stop Trojan horses and malicious applets from coming into your PC, its main thrust is stopping data on the way out.
Once you install ZoneAlarm, it monitors any attempts to access the Web by an application running on your PC. If a Trojan Horse attempts to take control of your PC and communicate with a hacker, ZoneAlarm intercepts the action and pops up a message asking if you want the application to access the Internet.
I installed ZoneAlarm, which loads automatically every time you start Windows, on a PC running Microsoft Internet Explorer 5.0. Although the interface is initially somewhat confusing, you have to actively do very little. Every time an application starts, it's added to ZoneAlarm's list of all running applications. When any application (IE 5.0, for example) tries to access the Internet, a message pops up asking if you really want the program to proceed. You click yes or no. For applications such as your browser, that you always want to have Internet access, you can check a box that permanently remembers your answer.
At the stop sign
Two others features offer even more security. You can set ZoneAlarm to automatically lock all Internet access when your PC's screen saver kicks in or after a definable period of inactivity. But you can allow certain activity during a lock, such as automatically checking your e-mail every few minutes.
For complete security while you're connected to, but not using, the Internet, ZoneAlarm offers a large STOP button you can click to immediately lock out all incoming and outgoing data.
Roger Thompson, director of antivirus and malicious code research for the ICSA, an independent organization that certifies antivirus and security software, is skeptical about ZoneAlarm. Users won't always know whether they should let applications access the Internet when ZoneAlarm pops up, Thompson says. Someone may inadvertently let a Trojan Horse do its work. And ZoneAlarm won't stop Trojan Horses such as Melissa or Worm.Explore because they operate using standard e-mail applications, which are "trusted" by ZoneAlarm, Thompson adds.
While Thompson has a point, ZoneAlarm isn't designed to eliminate the need for full-fledged antivirus utilities, says Gregor Freund, president of Zone Laboratories. Instead, ZoneAlarm's aim is to be "part of a balanced breakfast," and is designed to work with other utilities to reduce the vulnerability of PCs to Trojan Horse attacks, Freund says. Unlike other firewall products, ZoneAlarm doesn't require a complicated setup, Freund adds.
Zone offers ZoneAlarm free of charge partly to demonstrate the company's TrueVector technology, Freund says. Zone licenses TrueVector to companies to build Internet intelligence into business applications. ZoneAlarm uses only a small subset of TrueVector, which can control Internet access by applications, sites, and users, as well as collect Internet traffic statistics, monitor bandwidth usage, and manage overall Internet-connected networks.
ZoneAlarm may not be perfect, but it can at least make it a bit more difficult for Trojan Horses to do their dirty work. It's particularly effective if you have a full-time connection to the Web, such as a cable modem. And the price is right, too.
Newest computer headache: 'Cult of the dead cow'
RELATED IDG.net STORIES:
Is the Back Orifice door really shut?
Zone Labs, Inc.
|Back to the top||
© 2001 Cable News Network. All Rights Reserved.|
Terms under which this service is provided to you.
Read our privacy guidelines.