ZoneAlarm

on 02.12.2006 14:58:53 by Jim Ford

There seem to be widely differing opinions regarding ZoneAlarm on this
forum. What's the problem with it? Gibson Research - http://www.grc.com
seem to think it's good, and I'm sure they know a lot more about
security than most of the critics on this forum!

Jim Ford

Re: ZoneAlarm

on 02.12.2006 15:02:22 by unknown

Post removed (X-No-Archive: yes)

Re: ZoneAlarm

on 02.12.2006 15:32:15 by Ansgar -59cobalt- Wiechers

Jim Ford wrote:
> There seems to be widely differing opinions regarding ZoneAlarm on this
> forum. What's the problem with it?

This question has been answered over and over again. Search the archives
of this group.

> Gibson Research - http://www.grc.com seem to thinks it's good, and I'm
> sure they know a lot more about security than most of the critics on
> this forum!

Yeah, right.

http://grcsucks.com/

cu
59cobalt
--
"Personal Firewalls are crap. Throw away any personal firewall. Personal
Firewalls are bad[tm]."
--Malte von dem Hagen on security-basics

Re: ZoneAlarm

on 02.12.2006 16:18:13 by Steve

On Sat, 02 Dec 2006 13:58:53 GMT, Jim Ford
wrote:

>There seems to be widely differing opinions regarding ZoneAlarm on this
>forum. What's the problem with it? Gibson Research - http://www.grc.com
>seem to thinks it's good, and I'm sure they know a lot more about
>security than most of the critics on this forum!
>
>Jim Ford

In my experience ZoneAlarm went through a period of unreliability a few
years ago, including causing trouble with TCP.

It seems to have been sorted now so I'm giving it another try. As I
use a hardware firewall for inbound protection, ZoneAlarm only gets
involved with outbound protection.

--
Steve Wolstenholme Neural Planner Software

EasyNN-plus. The easy way to build neural networks.
http://www.easynn.com

Re: ZoneAlarm

on 02.12.2006 18:55:31 by Jim Ford

fyrfaktry wrote:
> On Sat, 02 Dec 2006 13:58:53 GMT, Jim Ford
> wrote:
>
>> There seems to be widely differing opinions regarding ZoneAlarm on this
>> forum. What's the problem with it? Gibson Research - http://www.grc.com
>> seem to thinks it's good, and I'm sure they know a lot more about
>> security than most of the critics on this forum!
>>
>> Jim Ford
>
> Oh Boy. You just opened up the floodgates ;)

I wish I'd never asked 8^[

Jim Ford

Re: ZoneAlarm

on 02.12.2006 19:33:41 by Craig

"Jim Ford" wrote...

> fyrfaktry wrote:
>> On Sat, 02 Dec 2006 13:58:53 GMT, Jim Ford
>> wrote:
>>
>>> There seems to be widely differing opinions regarding ZoneAlarm on this
>>> forum. What's the problem with it? Gibson Research - http://www.grc.com
>>> seem to thinks it's good, and I'm sure they know a lot more about
>>> security than most of the critics on this forum!
>>>
>>> Jim Ford
>>
>> Oh Boy. You just opened up the floodgates ;)
>
> I wish I'd never asked 8^[
>
> Jim Ford

Just keep in mind that the majority of folks here against ZoneAlarm are
against all personal firewall software.

Craig

Re: ZoneAlarm

on 02.12.2006 19:40:18 by Jim Ford

Craig wrote:
> "Jim Ford" wrote...
>
>> fyrfaktry wrote:
>>> On Sat, 02 Dec 2006 13:58:53 GMT, Jim Ford
>>> wrote:
>>>
>>>> There seems to be widely differing opinions regarding ZoneAlarm on this
>>>> forum. What's the problem with it? Gibson Research - http://www.grc.com
>>>> seem to thinks it's good, and I'm sure they know a lot more about
>>>> security than most of the critics on this forum!
>>>>
>>>> Jim Ford
>>> Oh Boy. You just opened up the floodgates ;)
>> I wish I'd never asked 8^[
>>
>> Jim Ford
>
> Just keep in mind that the majority of folks here against ZoneAlarm are
> against all personal firewall software.
>
> Craig
>
>

Thanks - sounds sensible advice!

I have a Linux router/firewall and installed ZoneAlarm as a second line
of defence on an XP machine. After all, it didn't cost anything.

Jim Ford

Re: ZoneAlarm

on 02.12.2006 21:20:36 by Volker Birk

Jim Ford wrote:
> There seems to be widely differing opinions regarding ZoneAlarm on this
> forum. What's the problem with it?

All of its options are useless or even counterproductive, with the
exception of the host based packet filter. But such a packet filter
you're getting with the Windows-Firewall, too. And this packet filter
has no braindead concepts like asking the users to decide security
related questions.

> Gibson Research - http://www.grc.com

http://grcsucks.com

> seem to thinks it's good, and I'm sure they know a lot more about
> security than most of the critics on this forum!

Gibson's advice contains nearly anything from helpful information up to
complete nonsense.

Yours,
VB.
--
"Life was simple before World War II. After that, we had systems."
Grace Hopper

Re: ZoneAlarm

on 02.12.2006 22:31:47 by no

On Sat, 02 Dec 2006 18:40:18 GMT, Jim Ford wrote:


> I have a Linux router/firewall and installed ZoneAlarm as a second line
> of defence on an XP machine. After all, it didn't cost anything.
>
> Jim Ford

Yes it did, it cost you system resources for no real good reason.

Re: ZoneAlarm

on 02.12.2006 22:33:07 by no

On Sat, 02 Dec 2006 15:18:13 +0000, steve@tropheus.demon.co.uk wrote:


> It seems to have been sorted now so I'm giving it another try. As I
> use a hardware firewall for inbound protection, ZoneAlarm only gets
> involved with outbound protection.

What is it protecting you from?

Re: ZoneAlarm

on 03.12.2006 00:45:23 by arja

"Volker Birk" wrote in message
news:4571ee24@news.uni-ulm.de...
> Jim Ford wrote:
>> There seems to be widely differing opinions regarding ZoneAlarm on this
>> forum. What's the problem with it?
>
> All of its options are useless or even counterproductive, with the
> exception of the host based packet filter. But such a packet filter
> you're getting with the Windows-Firewall, too. And this packet filter
> has no braindead concepts like asking the users to decide security
> related questions.

Contrary to the good-for-nothing Windows firewall, ZoneAlarm offers
monitoring of the outgoing traffic so you're notified when you're infected.
Incoming monitoring is done by your NAT router, which makes incoming
filtering/monitoring of no use.

arja

Re: ZoneAlarm

on 03.12.2006 01:13:28 by Ansgar -59cobalt- Wiechers

arja wrote:
> "Volker Birk" wrote:
>> Jim Ford wrote:
>>> There seems to be widely differing opinions regarding ZoneAlarm on
>>> this forum. What's the problem with it?
>>
>> All of its options are useless or even counterproductive, with the
>> exception of the host based packet filter. But such a packet filter
>> you're getting with the Windows-Firewall, too. And this packet filter
>> has no braindead concepts like asking the users to decide security
>> related questions.
>
> In contrary to the good for nothing windows firewall Zonealarm offers
> monitoring of the outgoing traffic so you're notified when you're
> infected.

*sigh*

That must be the most braindead reason for using a personal firewall I
have ever heard. You don't want to be notified when your computer is
already compromised, you want to keep your computer from getting
compromised in the first place. Besides, if you must have monitoring of
outgoing traffic: Port Reporter [1] does that without the usual
downsides of personal firewalls (except for the lack of reliability,
which is inherent to this type of monitoring).

[1] http://support.microsoft.com/kb/837243

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich

Re: ZoneAlarm

on 03.12.2006 01:28:58 by TheDog

arja wrote:
> "Volker Birk" wrote in message
> news:4571ee24@news.uni-ulm.de...
>
>>Jim Ford wrote:
>>
>>>There seems to be widely differing opinions regarding ZoneAlarm on this
>>>forum. What's the problem with it?
>>
>>All of its options are useless or even counterproductive, with the
>>exception of the host based packet filter. But such a packet filter
>>you're getting with the Windows-Firewall, too. And this packet filter
>>has no braindead concepts like asking the users to decide security
>>related questions.
>
>
> In contrary to the good for nothing windows firewall Zonealarm offers
> monitoring of the outgoing traffic so you're notified when you're infected.
> Incoming monitoring is done by your NAT router which makes incoming
> filtering/monitoring of no use..
>

What? One doesn't want to get infected in the first place. On top of
that, the NAT router comes closer to being a FW than ZA. ZA and the rest
are just machine level packet filters. A FW separates two networks. The
FW protects from the network it's protecting from, the WAN, usually, and
protects the network it's protecting, the LAN.

Re: ZoneAlarm

on 03.12.2006 01:48:10 by Postal Dude

On Sun, 03 Dec 2006 00:45:23 +0100, arja wrote:
>
> In contrary to the good for nothing windows firewall Zonealarm offers
> monitoring of the outgoing traffic so you're notified when you're infected.

What if the malware has added itself to ZA's "allowed" rules? Then it does
not give an alert.

Re: ZoneAlarm

on 03.12.2006 02:05:32 by Kayman

You may find this interesting :)

http://www.firewallleaktester.com/tests_overview.php

Re: ZoneAlarm

on 03.12.2006 02:59:38 by Craig

"Postal Dude" wrote...

> On Sun, 03 Dec 2006 00:45:23 +0100, arja wrote:
>>
>> In contrary to the good for nothing windows firewall Zonealarm offers
>> monitoring of the outgoing traffic so you're notified when you're infected.
>
> What if the malware has added itself to ZA's "allowed" rules? Then it does
> not give an alert.

Doesn't password-protecting ZA prevent unauthorized "additions?"

Re: ZoneAlarm

on 03.12.2006 03:40:55 by Postal Dude

On Sun, 03 Dec 2006 01:59:38 +0000, Craig wrote:

> "Postal Dude" wrote...
>
>> On Sun, 03 Dec 2006 00:45:23 +0100, arja wrote:
>>>
>>> In contrary to the good for nothing windows firewall Zonealarm offers
>>> monitoring of the outgoing traffic so you're notified when you're infected.
>>
>> What if the malware has added itself to ZA's "allowed" rules? Then it does
>> not give an alert.
>
> Doesn't password-protecting ZA prevent unauthorized "additions?"


It should, at least in theory. I am not sure if ZA still falls under the
snake oil/smoke and mirrors category (haven't messed with it for a few
years), but there are a lot of snake oil pf's that can be disabled with
something as simple as a registry value change. If I am not mistaken,
earlier versions of ZA were vulnerable to that weakness.

Re: ZoneAlarm

on 03.12.2006 06:20:59 by arja

"Postal Dude" wrote in message
news:e9pch.310$ja6.308@tornado.ohiordc.rr.com...
> On Sun, 03 Dec 2006 00:45:23 +0100, arja wrote:
>>
>> In contrary to the good for nothing windows firewall Zonealarm offers
>> monitoring of the outgoing traffic so you're notified when you're infected.
>
> What if the malware has added itself to ZA's "allowed" rules? Then it does
> not give an alert.

Do you have an example of that?

arja

Re: ZoneAlarm

on 03.12.2006 06:33:18 by arja

"Kayman" wrote in message
news:ekt7ss$a1h$1@aioe.org...
> You may find this interesting :)
>
> http://www.firewallleaktester.com/tests_overview.php

That's what I meant, the win firehole is full of holes otherwise can't exact
see what you are doing :-(

arja

Re: ZoneAlarm

on 03.12.2006 06:39:35 by arja

"Mr. Arnold6" wrote in message
news:eToch.6654$1s6.2134@newsread2.news.pas.earthlink.net...
> arja wrote:
>> "Volker Birk" wrote in message
>> news:4571ee24@news.uni-ulm.de...
>>
>>>Jim Ford wrote:
>>>
>>>>There seems to be widely differing opinions regarding ZoneAlarm on this
>>>>forum. What's the problem with it?
>>>
>>>All of its options are useless or even counterproductive, with the
>>>exception of the host based packet filter. But such a packet filter
>>>you're getting with the Windows-Firewall, too. And this packet filter
>>>has no braindead concepts like asking the users to decide security
>>>related questions.
>>
>>
>> In contrary to the good for nothing windows firewall Zonealarm offers
>> monitoring of the outgoing traffic so you're notified when you're infected.
>> Incoming monitoring is done by your NAT router which makes incoming
>> filtering/monitoring of no use..
>>
>
> What? One doesn't want to get infected in the first place.

Does malware ask if you want to be infected before acting?

> On top of that, the NAT router comes closer to being a FW than ZA. ZA and
> the rest are just machine level packet filters. A FW separates two
> networks. The FW protects from the network it's protecting from, the WAN,
> usually, and protects the network it's protecting, the LAN.

arja

Re: ZoneAlarm

on 03.12.2006 06:52:07 by arja

"Ansgar -59cobalt- Wiechers" wrote in
message news:4tej58F13pp4gU1@mid.individual.net...
> arja wrote:
>> "Volker Birk" wrote:
>>> Jim Ford wrote:
>>>> There seems to be widely differing opinions regarding ZoneAlarm on
>>>> this forum. What's the problem with it?
>>>
>>> All of its options are useless or even counterproductive, with the
>>> exception of the host based packet filter. But such a packet filter
>>> you're getting with the Windows-Firewall, too. And this packet filter
>>> has no braindead concepts like asking the users to decide security
>>> related questions.
>>
>> In contrary to the good for nothing windows firewall Zonealarm offers
>> monitoring of the outgoing traffic so you're notified when you're
>> infected.
>
> *sigh*
>
> That must be the most braindead reason for using a personal firewall I
> have ever heard.

So tells everyone that does deny the vulnerabilities of windows.


> You don't want to be notified when your computer is
> already compromised, you want to keep your computer from getting
> compromised in the first place.

If you don't want to know when you're infected you're really braindead.

> Besides, if you must have monitoring of
> outgoing traffic: Port Reporter [1] does that without the usual
> downsides of personal firewalls (except for the lack of reliability,
> which is inherent to this type of monitoring).
>
> [1] http://support.microsoft.com/kb/837243

Why an unreliable redmond 'solution', probably because that is hiding what is
sent to the MS servers.

arja

Re: ZoneAlarm

on 03.12.2006 07:36:37 by TheDog

arja wrote:
> "Mr. Arnold6" wrote in message
> news:eToch.6654$1s6.2134@newsread2.news.pas.earthlink.net...
>
>>arja wrote:
>>
>>>"Volker Birk" wrote in message
>>>news:4571ee24@news.uni-ulm.de...
>>>
>>>
>>>>Jim Ford wrote:
>>>>
>>>>
>>>>>There seems to be widely differing opinions regarding ZoneAlarm on this
>>>>>forum. What's the problem with it?
>>>>
>>>>All of its options are useless or even counterproductive, with the
>>>>exception of the host based packet filter. But such a packet filter
>>>>you're getting with the Windows-Firewall, too. And this packet filter
>>>>has no braindead concepts like asking the users to decide security
>>>>related questions.
>>>
>>>
>>>In contrary to the good for nothing windows firewall Zonealarm offers
>>>monitoring of the outgoing traffic so you're notified when you're infected.
>>>Incoming monitoring is done by your NAT router which makes incoming
>>>filtering/monitoring of no use..
>>>
>>
>>What? One doesn't want to get infected in the first place.
>
>
> Does malware ask if you want to be infected before acting?
>
>

Malware can circumvent and defeat the worthless Application Control of
personal FW(s)/packet filters at the drop of a hat. A user may not even
get asked the question. I certainly wouldn't be depending upon App.
Control of some PFW/packet filter to watch my back, but that's just me.

Re: ZoneAlarm

on 03.12.2006 08:26:57 by Volker Birk

arja wrote:
> In contrary to the good for nothing windows firewall Zonealarm offers
> monitoring of the outgoing traffic so you're notified when you're infected.

And why this does not work at all, you can find here in this group,
arguing again and again and again against this nonsense.

Yours,
VB.
--
"Life was simple before World War II. After that, we had systems."
Grace Hopper

Re: ZoneAlarm

on 03.12.2006 08:28:45 by Volker Birk

arja wrote:
> > [1] http://support.microsoft.com/kb/837243
> Why a unreliable redmond 'solution', probably because that is hiding what is
> sent to the MS servers.

Because it does not. If you would be able to use a packet sniffer, you
for sure would detect, that the only software, which "phones home"
strange things, is Zone Alarm itself.

Yours,
VB.
--
"Life was simple before World War II. After that, we had systems."
Grace Hopper

Re: ZoneAlarm

on 03.12.2006 08:31:35 by Volker Birk

Craig wrote:
> Doesn't password-protecting ZA prevent unauthorized "additions?"

Only, if the malware is run not as Administrator. If so, then no "Zone
Alarm" will help, beside nothing else will help.

But even with "Zone Alarm" being "password protected" and malware
running just as simple user, the malware just can ignore "Zone Alarm",
as many leak tests show.

Yours,
VB.
--
"Life was simple before World War II. After that, we had systems."
Grace Hopper

Re: ZoneAlarm

on 03.12.2006 08:34:36 by Volker Birk

arja wrote:
> "Kayman" wrote in message
> news:ekt7ss$a1h$1@aioe.org...
> > You may find this interesting :)
> > http://www.firewallleaktester.com/tests_overview.php
> That's what I meant, the win firehole is full of holes otherwise can't exact
> see what you are doing :-(

Yes, the Windows-Firewall does not even try to detect "malicious outgoing
traffic". And why should it?

Of course, an IDS could help - if it would be implemented not as dumb
as with "Personal Firewalls" like "Zone Alarm". And if it would be
driven by a user not as uninformed and not interested as the common home
user.

If.

Now, with Windows Vista, the Windows-Firewall will. And I'm expecting
the same problems.

Yours,
VB.
--
"Life was simple before World War II. After that, we had systems."
Grace Hopper

Re: ZoneAlarm

on 03.12.2006 11:04:07 by Wilf

Jim Ford wrote:
> There seems to be widely differing opinions regarding ZoneAlarm on this
> forum. What's the problem with it? Gibson Research - http://www.grc.com
> seem to thinks it's good, and I'm sure they know a lot more about
> security than most of the critics on this forum!
>
> Jim Ford
Difficult to say. Some people will not have anything to do with any
personal firewall, saying that they are pointless as any malware worth
its salt would be able to circumvent the pfw's outbound checks. Could
well be true. Software such as Kaspersky Internet Security does a lot
more than just monitor outbound traffic, however, and ought to offer
some extra protection.

One positive aspect of your post is that you have provided a brilliant
platform for Volker Birk and others to stand on their much trodden soap
box again ;-)

--
Wilf

Re: ZoneAlarm

on 03.12.2006 11:59:08 by TheDog

Wilf wrote:
> Jim Ford wrote:
>
>> There seems to be widely differing opinions regarding ZoneAlarm on
>> this forum. What's the problem with it? Gibson Research -
>> http://www.grc.com seem to thinks it's good, and I'm sure they know a
>> lot more about security than most of the critics on this forum!
>>
>> Jim Ford
>
> Difficult to say. Some people will not have anything to do with any
> personal firewall, saying that they are pointless as any malware worth
> its salt would be able to circumvent the pfw's outbound checks. Could
> well be true. Software such as Kaspersky Internet Security does a lot
> more than just monitor outbound traffic, however, and ought to offer
> some extra protection.
>
> One positive aspect of your post is that you have provided a brilliant
> platform for Volker Birk and others to stand on their much trodden soap
> box again ;-)
>

Oh, I missed that one about Gibson, old Gibson. Maybe, I'll put up a
Web site and become a guru too. I am sure there are plenty that will
take a big wet and juicy bite.

Re: ZoneAlarm

on 03.12.2006 12:14:06 by Ansgar -59cobalt- Wiechers

arja wrote:
> "Ansgar -59cobalt- Wiechers" wrote:
>> arja wrote:
>>> "Volker Birk" wrote:
>>>> Jim Ford wrote:
>>>>> There seems to be widely differing opinions regarding ZoneAlarm on
>>>>> this forum. What's the problem with it?
>>>>
>>>> All of its options are useless or even counterproductive, with the
>>>> exception of the host based packet filter. But such a packet filter
>>>> you're getting with the Windows-Firewall, too. And this packet
>>>> filter has no braindead concepts like asking the users to decide
>>>> security related questions.
>>>
>>> In contrary to the good for nothing windows firewall Zonealarm
>>> offers monitoring of the outgoing traffic so you're notified when
>>> you're infected.
>>
>> *sigh*
>>
>> That must be the most braindead reason for using a personal firewall
>> I have ever heard.
>
> So tells everyone that does deny the vulnerabilities of windows.

I'm probably much more aware of the vulnerabilities of Windows than you
are. However, I prefer to stick with facts rather than superstition.
Unlike you, apparently.

>> You don't want to be notified when your computer is already
>> compromised, you want to keep your computer from getting compromised
>> in the first place.
>
> If you don't want to know when you're infected you're really
> braindead.

Oh, I do want to know. However, AV software already accomplishes that
very nicely, so why would I want to waste resources on additional
software that does the very same task?

>> Besides, if you must have monitoring of outgoing traffic: Port
>> Reporter [1] does that without the usual downsides of personal
>> firewalls (except for the lack of reliability, which is inherent to
>> this type of monitoring).
>>
>> [1] http://support.microsoft.com/kb/837243
>
> Why a unreliable redmond 'solution', probably because that is hiding
> what is sent to the MS servers.

Superstition again. Port Reporter is just as (un-)reliable as any
software firewall, because all of them can only identify the process
sending or receiving the network traffic, which isn't necessarily the
process that is the actual endpoint of the communication.

Besides, since all software firewalls are running on top of Microsoft
software (i.e. their operating system), none of them are able to detect
anything Microsoft wants to hide. You may want to read "Reflections on
Trusting Trust" [1] to understand why that is.

[1] http://www.acm.org/classics/sep95/

cu
59cobalt
--
"Personal Firewalls are crap. Throw away any personal firewall. Personal
Firewalls are bad[tm]."
--Malte von dem Hagen on security-basics

Re: ZoneAlarm

on 03.12.2006 12:23:13 by Ansgar -59cobalt- Wiechers

arja wrote:
> "Kayman" wrote:
>> You may find this interesting :)
>>
>> http://www.firewallleaktester.com/tests_overview.php
>
> That's what I meant, the win firehole is full of holes otherwise can't
> exact see what you are doing :-(

No. The Windows-Firewall just doesn't bother to try and do what actually
can't be done. If you want to monitor outgoing traffic: Port Reporter
(which I already mentioned) has been around for years and does a good
job on that.

cu
59cobalt
--
"Personal Firewalls are crap. Throw away any personal firewall. Personal
Firewalls are bad[tm]."
--Malte von dem Hagen on security-basics

Re: ZoneAlarm

on 03.12.2006 12:34:44 by alf

arja wrote:
> "Postal Dude" wrote in message
> news:e9pch.310$ja6.308@tornado.ohiordc.rr.com...
>> On Sun, 03 Dec 2006 00:45:23 +0100, arja wrote:
>>> In contrary to the good for nothing windows firewall Zonealarm offers
>>> monitoring of the outgoing traffic so you're notified when you're infected.
>> What if the malware has added itself to ZA's "allowed" rules? Then it does
>> not give an alert.
>
> Do you have an example of that.

Technique called process infection. Malware picks a process in memory
(software firewalls usually make checksums for files) and adds its own
code to the process which is on the software firewall's "trusted" list.
Recently I tried to repair a machine where uTorrent was sending
mails/spam (broadband account was locked). The uTorrent client normally
didn't have e-mail capability. The machine was a zombie, flattened and
rebuilt. The firewall was ZA and it didn't report anything.

Rootkit. How to stop something WinAPI (software firewalls use it) cannot
see? Recently I noticed that rootkit infections (usually zombie
machines) are not uncommon anymore. On the same machine after killing
uTorrent, rootkit revealers didn't report anything. But after scanning
the machine remotely (nmap) I noticed unusual ports opened (netstat and
activeports didn't report anything there), so probably a rootkit was
running. ZA didn't report anything as well.
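
The cross-check described in the post above (ports seen by a remote nmap scan versus what netstat on the host itself lists), as an added example that is not part of the original thread. It assumes `netstat -an` text captured on the host and nmap grepable (`-oG`) output taken from a second machine on the same LAN; the sample outputs, addresses and function names are constructed for illustration.

```python
"""Cross-view check: compare a host's own socket table with an external scan.

Added illustration; all sample data below is constructed.
"""

# Constructed sample: `netstat -an` output captured on the suspect Windows host.
NETSTAT_LOCAL = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1025         0.0.0.0:0              LISTENING
  TCP    192.168.1.20:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.20:1045      203.0.113.5:80         ESTABLISHED
  UDP    0.0.0.0:445            *:*
"""

# Constructed sample: grepable nmap output from another machine on the LAN.
NMAP_REMOTE = (
    "# Nmap scan (constructed sample)\n"
    "Host: 192.168.1.20 ()\tStatus: Up\n"
    "Host: 192.168.1.20 ()\tPorts: 135/open/tcp//msrpc///, "
    "139/open/tcp//netbios-ssn///, 445/open/tcp//microsoft-ds///, "
    "3389/filtered/tcp//ms-term-serv///, 4444/open/tcp//unknown///\n"
)


def local_tcp_listeners(netstat_text):
    """Return {port: set(bind addresses)} for TCP sockets in LISTENING state."""
    listeners = {}
    for line in netstat_text.splitlines():
        fields = line.split()
        # Data rows have exactly: proto, local, foreign, state.
        if len(fields) != 4 or fields[0].upper() != "TCP":
            continue
        if fields[3].upper() != "LISTENING":
            continue
        addr, _, port = fields[1].rpartition(":")  # also copes with [::]:135
        if port.isdigit():
            listeners.setdefault(int(port), set()).add(addr)
    return listeners


def remote_open_tcp(nmap_grepable, host):
    """Return the set of TCP ports nmap reported as 'open' for the given host."""
    ports = set()
    for line in nmap_grepable.splitlines():
        if not line.startswith("Host: " + host + " ") or "Ports:" not in line:
            continue
        port_field = line.split("Ports:", 1)[1].split("\t", 1)[0]
        for entry in port_field.split(","):
            parts = entry.strip().split("/")  # port/state/proto/owner/service/...
            if len(parts) >= 3 and parts[0].isdigit():
                if parts[1] == "open" and parts[2] == "tcp":
                    ports.add(int(parts[0]))
    return ports


def is_loopback(addr):
    return addr.startswith("127.") or addr == "[::1]"


def cross_view(netstat_text, nmap_grepable, host):
    """Diff the two views of the same host."""
    local = local_tcp_listeners(netstat_text)
    remote = remote_open_tcp(nmap_grepable, host)
    # Loopback-only listeners can never be seen from outside, so skip them.
    externally_bound = {
        port for port, addrs in local.items()
        if any(not is_loopback(a) for a in addrs)
    }
    return {
        # Answers from outside but absent from the host's own socket table:
        # the discrepancy the post describes.
        "hidden_from_host": sorted(remote - set(local)),
        # Listed locally but not open from outside: normally just a packet
        # filter doing its job, reported for completeness.
        "listed_but_not_reachable": sorted(externally_bound - remote),
    }


if __name__ == "__main__":
    print(cross_view(NETSTAT_LOCAL, NMAP_REMOTE, "192.168.1.20"))
```

A port under `hidden_from_host` is a lead for offline inspection, not proof: both captures have to be taken at about the same time, and the scan has to reach the host directly rather than a NAT router or port forward in front of it.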

Re: ZoneAlarm

on 03.12.2006 13:09:40 by Volker Birk

arja wrote:
> In contrary to the good for nothing windows firewall Zonealarm offers
> monitoring of the outgoing traffic so you're notified when you're infected.

This does not work reliably and only with very dumb malware. As a
drawback, your user has to answer security related questions in popups
and so has the possibility (and for sure will do) fuckup the complete
concept.

Yours,
VB.
--
"Life was simple before World War II. After that, we had systems."
Grace Hopper

Re: ZoneAlarm

on 03.12.2006 13:37:01 by Jon

Wilf wrote:

>One positive aspect of your post is that you have provided a brilliant
>platform for Volker Birk and others to stand on their much trodden soap
>box again ;-)

Do you remember when AtGuard rule sets used to be shared and discussed
here?

Re: ZoneAlarm

on 03.12.2006 15:50:18 by Ansgar -59cobalt- Wiechers

Postal Dude wrote:
> On Sun, 03 Dec 2006 01:59:38 +0000, Craig wrote:
>> "Postal Dude" wrote...
>>> What if the malware has added itself to ZA's "allowed" rules? Then
>>> it does not give an alert.
>>
>> Doesn't password-protecting ZA prevent unauthorized "additions?"
>
> It should, at least in theory. I am not sure if ZA still falls under
> the snake oil/smoke and mirrors category (haven't messed with it for a
> few years), but there are a lot of snake oil pf's that can be disabled
> with something as simple as a registry value change. If I am not
> mistaken, earlier versions of ZA were vulnerable to that weakness.

The latest version of ZA I had looked at (6.5 Pro) still had all of its
config files world-writable and "protected" them by keeping them locked
while opened. Plus, it installed a ton of kernel-hooks to intercept file
and registry operations.

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich

Re: ZoneAlarm

on 03.12.2006 19:04:19 by Wilf

Ansgar -59cobalt- Wiechers wrote:
> Postal Dude wrote:
>> On Sun, 03 Dec 2006 01:59:38 +0000, Craig wrote:
>>> "Postal Dude" wrote...
>>>> What if the malware has added itself to ZA's "allowed" rules? Then
>>>> it does not give an alert.
>>> Doesn't password-protecting ZA prevent unauthorized "additions?"
>> It should, at least in theory. I am not sure if ZA still falls under
>> the snake oil/smoke and mirrors category (haven't messed with it for a
>> few years), but there are a lot of snake oil pf's that can be disabled
>> with something as simple as a registry value change. If I am not
>> mistaken, earlier versions of ZA were vulnerable to that weakness.
>
> The latest version of ZA I had looked at (6.5 Pro) still had all of its
> config files world-writable and "protected" them by keeping them locked
> while opened. Plus, it installed a ton of kernel-hooks to intercept file
> and registry operations.
>
That doesn't sound too great. Is KIS6.0 any better in this respect - it
claims to protect its own files and also monitors all manner of process
activity?

--
Wilf

Re: ZoneAlarm

on 03.12.2006 19:18:07 by Ansgar -59cobalt- Wiechers

Wilf wrote:
> Ansgar -59cobalt- Wiechers wrote:
>> The latest version of ZA I had looked at (6.5 Pro) still had all of
>> its config files world-writable and "protected" them by keeping them
>> locked while opened. Plus, it installed a ton of kernel-hooks to
>> intercept file and registry operations.
>
> That doesn't sound too great. Is KIS6.0 any better in this respect -
> it claims to protect its own files and also monitors all manner of
> process activity?

I only took a closer look at a small selection of personal firewalls
(ZA, Norton, Sygate, Outpost, Tiny, Kerio, Norman). Kaspersky was not
among them, so I can't tell whether they do the same or not. I would
suspect that they don't, though, because ZA is the only one showing this
behaviour IIRC.

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich

Re: ZoneAlarm,link to buy, RAM thieves

on 05.12.2006 08:52:59 by Don"t Bother

http://www.circuitcity.com/ssm/ZoneAlarm-Internet-Security-Suite-2007-PC/sem/rpsm/oid/161271/rpem/ccd/productDetail.do#tabs
$50 and unavailable at Circuit City


http://www.compusa.com/products/product_info.asp?product_code=341456&pfp=search&tabtype=pi#moreinfo

http://www.compusa.com/products/product_info.asp?product_code=341456&pfp=search&tabtype=rv#review
$50 and a $20 mail-in rebate at CompUSA on-line or retail.

Caution: this software requires 128 MB of RAM with Win XP. (I wonder how much
less RAM it would use if you didn't install the ZA anti-virus portion?) I'm
running out of RAM to put this on a Dell machine with 512MB of RAM, about 175 MB
left after boot-up (IE7 stole a lot of RAM, about 80 MB)