Myself and a coworker are evaluating ZoneAlarm (free version) and noticed something that bothers us…we put it on a workstation on a corporate network (we are admins) and set it up, then performed a few attacks which were successfully blocked. We left it running and focused attention on a routine copy from a file server down the road in another building (connected via T1). During the ENTIRE file copy process the little green/red meter on ZoneAlarm never moved. Not once. Is this not supposed to display TCP/IP activity of ANY sort? We are using NT4 SP5 and only running TCP/IP. No other protocol is installed or running.
Is NT using some other way to xfer the files or is ZoneAlarm not seeing it or not working properly?
