Fuddland
I’m not sure what the boffins at Symantec have done whilst patching up the serious security flaws in their firewall software, but whatever it is doesn’t play nicely with my PC. Browsing the ‘net with my firewall enabled became unbearably slow — we’re talking transfer rates measured in single-digit bits per second people.
Of course, I didn’t realise immediately that it was my firewall causing the slowdown. Given my previous connection woes, my first thought was that Freeserve Wanadoo had had an influx of new users in my area and the exchange was struggling under the new load — a theory backed up by my ASDL Exchange Capacity report coming up with Status: Red.
Most Virtual Circuits to your local exchange are running at capacity at peak times, this will result in a slowdown of your connection, browsing and download speeds. BT are aware of the issue and are in the process of increasing capacity to this exchange.
I held off calling up the support line, but my reason for that was that I really didn’t fancy being put through the usual motions of unplugging the modem, rebooting, reinstalling the drivers, being told I needed to plug the modem directly into the wall socket without any extensions, checking that a small family of gerbils hadn’t set up home inside the computer’s case, being told not to surf the ‘net just after eating, making sure my hair was dry before going outdoors to avoid getting an ear-ache [does anyone know anyone to whom this has actually happened?], eat my greens, don’t talk to strangers, and look both ways when crossing the street. Oh, and make sure the computer is turned on.
Strangely, in my experience one of the last things the support people tell you to do is disable your [software] firewall, which I’ve always found odd because it’s a fairly simple thing to rule out early on: disable firewall; if the connection’s still not working, try something else, before all the rebooting/reinstalling malarkey.
It was whilst deciding not to ring the support line that I idly disabled my firewall and noticed that the four or five browser tabs I had open all finished downloading their content within a couple of seconds. Some more investigation [enable firewall: slow browser; disable firewall: fast browser] confirmed this was the problem. So I don’t know what Symantec have done — perhaps some radical effort to prevent their firewall’s vulnerabilities being exploited by making the connection completely unusable?
Obviously I wasn’t going to remain open to attack so I quickly downloaded ZoneAlarm, and [once it calmed down and had been told which programmes are allowed to use the connection] I’m pleasantly surprised to find it seems to allow much faster browsing; I knew having a firewall slowed your connection up slightly, but didn’t realise there could be a tangible difference between different firewall products. There could be some residual after-effects of such painfully slow browsing earlier, but I’m fairly sure ZoneAlarm — the basic version of which is free of charge — is significantly faster Norton’s product, for which you have to pay, and performs just as well as a firewall as far as I can gather.
Comments
Gordon | 2004 / 05 / 19 – 23:52
I’ve been using ZoneAlarm (Pro) for a year and a half and it’s … well it must be doing it’s job as I’ve not suffered outage due to attack and I rarely notice it at all.
We use Symantec at work on our PCs (which are behind the corporate firewall - anal??) and it’s a pile of kack. Slower than a slow thing that’s very slow…
Lyle | 2004 / 05 / 20 – 08:09
One thing to be aware of though - as I’ve recently discovered to my cost - is that all software firewalls are complete bastards. I’ve now got a hardware firewall/router, and so uninstalled the software firewall (Sygate, if you’re interested - but on further investigation, all of them do similar things). Bang, no connection at all. Reboot - still no connection.
It turns out, all software firewalls basically pervert the TCP/IP stack, the basic communication protocol to the internet. When they’re uninstalled, they leave behind a stuffed stack, which can in bad cases demand a complete Windows reinstall.
You’re better off getting a decent firewall/router combination if at all possible.
Mark | 2004 / 05 / 20 – 08:41
Don’t like Symantec, never liked ZoneAlarm. I use Kerio which is just a rebadged Tiny Firewall and I use it both at home and on my work PC (never can be too careful) despite our external protection too which was handy when we recently had some unwelcome visitors on a couple of servers through a hole (that they deny exists) in Remote Admin. They probably would have remained hidden too if they hadn’t tried to send IRC packets to my computer.
Jann | 2004 / 05 / 20 – 11:03
Personally, I’ve never trusted Norton or McAffee to not stuff things up one way or another. I’ve always used ZoneAlarm as it is undoubtedly one of the best software firewalls around, although for the past few months I’ve been using Trend Micro Internet Security Suite which has the added bonus of top-notch virus scanning as well. It’s cheap (free in my case) and it doesn’t constantly ask you to pay further subscribtion charges for the privelege of staying safe and secure.
Daisy | 2004 / 05 / 22 – 00:17
Has this happened recently David? Because I’ve been having the very same problem since last week and I also use Norton on the desktop PC (big problems) but AVG on the laptop (far few problems).
I’m sure it’s not BT because a chap up the road practically had the whole of BT’s engineering staff here for a week to determine the cause of our dodgy connections and they’ve rerouted something through the village, thereby making it a “fantastic connection” according to Very Knowledgeable Neighbourman.
I daren’t disable the Norton firewall (such a wuss) but I might download ZoneAlarm first to see what happens.
Daisy | 2004 / 05 / 22 – 00:18
Just looked at the Symantec site and the dates (May 12th) tally. Right, a bit of experimentation this weekend then. Cheers!
David | 2004 / 05 / 22 – 15:15
Re #5 & 6: Glad [in a way] to hear it wasn’t just me affected. ZoneAlarm’s working out just fine, you should have no problems with it.
Daisy | 2004 / 05 / 22 – 15:59
I’m on the laptop now with ZoneAlarm, just the install text is so much friendlier (in tone and simplicity). And to think of all that money spent on Symantec. The stupid thing is, I’ve recommended ZA to quite a few people over the years (based on rave reviews just about everywhere) but not really used it myself.
Commenting Closed
Commenting on this post is closed. Thanks to all those who left comments. If you'd still like to say something about this entry, feel free to email me.
