|
|
Workshops and Guides
by [HELP]LiquidRaver, [HELP]Innate & [HELP]WolfBlade
Firewall Configuration/Settings
�
Windows XP SP2/3 Firewall Workshop
How can I turn on or turn off the firewall in Windows XP Service Pack 2 or later versions?
This article describes how to turn on the firewall or turn off the firewall in Windows XP Service Pack 2 and Service Pack 3.
Note A firewall is software or hardware that checks information that comes from the Internet or from a network. Then, the firewall either blocks the information or lets the information pass through to your computer.Whether information is blocked or passed through depends on your firewall settings. A firewall can help prevent malicious software (such as worms) from gaining access to your computer through a network or the Internet. A firewall can also help stop your computer from sending malicious software to other computers. Windows XP, Windows XP Service Pack 2 (SP2), and Windows XP Service Pack 3 (SP3) include firewall software.
How to turn on the firewall
These steps are only for Windows XP SP2 and Windows XP SP3. These steps are not for earlier versions of Windows XP. If you are not sure which version of Windows XP you are running, do the following:
? Click Start, click Run, type sysdm.cpl, and then click OK.
The last line under System tells you what service pack that you are running. If no service pack is listed, you are running the release version of Windows XP.
To enable Windows Firewall, follow these steps:
1. Click Start, click Run, type Firewall.cpl, and then click OK.
2. On the General tab, click On (recommended).
3. Click OK.
Note If the General tab or the On (recommended) option is unavailable, the system may have a policy against running the firewall. Contact the system administrator for more information about how to enable the firewall. In addition, the system may already be running a third-party firewall (Zone Alarm or Norton Internet Security, for example). Contact the system administrator for help in determining whether a firewall is already running on the system.
----
Troubleshooting Windows Firewall settings in Windows XP Service Pack 2 for advanced users
Note This article is intended for advanced computer users. If you are not comfortable with advanced troubleshooting, you might want to contact Microsoft support. For information about how to do this, visit the following Microsoft Web site:
http://support.microsoft.com/contactus/
�
Windows XP Service Pack 2 (SP2) includes Microsoft Windows Firewall, the updated firewall software that replaces Internet Connection Firewall (ICF). If Microsoft Windows Firewall is blocking a port that is used by a service or by a program, you can configure the Windows Firewall to create an exception. Windows Firewall may be blocking a program or a service if the following conditions are true:
? Programs do not respond to a client's request.
? Client programs do not receive data from the server.
A Windows Firewall Security Alert may notify you that Windows Firewall is blocking a particular program. When this scenario occurs, you may unblock the program by selecting Unblock this program in the Security Alert dialog box. To help determine which programs and ports are being blocked, you can configure Windows Firewall to log dropped packets. With Windows Firewall Netsh Helper, you can configure Windows Firewall and Windows Firewall logging at the command prompt. Program compatibility may not always be the issue. Group Policy settings can also prevent programs from running. Windows XP Service Pack 2 (SP2) includes several utilities that you can use to troubleshoot Windows Firewall issues.
The best way to resolve firewall blocking issues is to modify programs to work with stateful filtering firewalls. If you cannot modify a program, you can configure the Windows Firewall to add exceptions for specific ports and programs. This article discusses the failure symptoms that relate to the default configuration of the Windows XP Service Pack 2 firewall, how to configure exceptions for ports and for programs, and how to perform some troubleshoot methods for firewall settings.
Failures that are related to the default firewall configuration appear in two ways. Client programs may not receive data from a server. Server programs that are running on a Windows XP-based computer may not respond to client requests. If a program is being blocked, you may receive the following Windows Firewall Security Alert:
Configuring Windows Firewall by using the Windows Firewall Security Alert
To unblock the program, click Unblock in the Security Alert dialog box.
Configuring Windows Firewall by using the Windows Security Center
Adding a program exception
When you add a program to the exception list, you enable the firewall to open ranges of ports that could change every time the program is run. To add a program exception, follow these steps:
1. Use an administrator account to log on.
2. Click Start, click Run, type wscui.cpl, and then click OK.
3. In Windows Security Center, click Windows Firewall.
4. On the Exceptions tab, click Add Program.
5. In the list of programs, click the name of the program that you want to add, and then click OK. If the name of your program is not in the list of programs, click Browse to locate the program, and then click OK. Note If you do not know where the program is located, contact the program vendor to determine the program location.
6. Click OK.
7. Test the program to verify that the firewall settings are correct.
�
Advanced troubleshooting
This section is intended for advanced computer users. If you are not comfortable with advanced troubleshooting, you might want to contact support. For information about how to do this, visit the following Microsoft Web site:
http://support.microsoft.com/contactus
Recognizing failure symptoms
Failures that are related to the default firewall configuration appear in two ways:
? Client programs may not receive data from a server. For example, the following client programs may not receive data:
. An FTP client
. Multimedia streaming software
. New mail notifications in some e-mail programs
? Server programs that are running on a Windows XP-based computer may not respond to client requests. For example, the following server programs may not respond:
. A Web server program, such as Internet Information Services (IIS)
. Remote Desktop
. File sharing
Notes
. Failures in network programs are not limited to firewall issues. These failures may be caused by RPC or DCOM security changes. Therefore, you have to determine whether the failure is accompanied by a Windows Firewall Security Alert that indicates that a program is being blocked.
. Service failures are not accompanied by a Windows Firewall Security Alert because services are not typically associated with a user logon session. If the failure is service-related, configure the firewall as discussed in the "Configuring Windows Firewall by using the Windows Security Center" section.
Adding a port exception
If you do not resolve this issue by adding a program to the exception list, you can add ports manually. To do this, you must first identify the ports that are used by the program. A reliable way to determine port usage is to contact the program vendor. If you cannot contact a vendor, or if a port list is not available, you can use the Netstat.exe tool to identify the ports in use.
Identifying the ports
1. Start the program and try to use its network features. For example, with a multimedia program, try to start an audio stream. With a Web server, try to start the service.
2. Click Start, click Run, type cmd, and then click OK.
3. At the command prompt, type netstat �ano > netstat.txt, and then press ENTER. This command creates the Netstat.txt file. This file lists all the listening ports.
4. At the command prompt, type tasklist > tasklist.txt, and then press ENTER. If the program in question runs as a service, type tasklist /svc > tasklist.txt instead of tasklist > tasklist.txt so that the services that are loaded in each process are listed.
5. Open the Tasklist.txt file, and then locate the program that you are troubleshooting. Write down the Process Identifier for the process, and then open the Netstat.txt file. Note any entries that are associated with that Process Identifier and the protocol that is used.
If the port numbers for the process are less than 1024, the port numbers will probably not change. If the numbers that are used are greater than or equal to 1024, the program may use a range of ports. Therefore, you may not be able to resolve the issue by opening individual ports.
Adding the port exception
1. Click Start, click Run, type wscui.cpl, and then click OK.
2. In Windows Security Center, click Windows Firewall
3. Click the Exceptions tab, and then click Add Port to display the Add a Port dialog box.
4. Type a descriptive name for the port exception and the port number that your program uses, and then select either the TCP or UDP protocol
5. Click Change Scope
6. View or set the scope for the port exception, and then click OK.
7. Click OK to close the Add a Port dialog box
8. To verify that the port settings are correct for your program, test the program.
�
Using Logging
You can enable logging to help identify the source of inbound traffic and to provide details on what traffic is being blocked. %Windir%\pfirewall.log is the default log file. To enable logging, follow these steps:
1. Click Start, click Run, type firewall.cpl, and then click OK.
2. Click the Advanced tab.
3. In the Security Logging area, click Settings.
4. Click to select the Log dropped packets check box, and then click OK
5. Click OK.
Note Outbound successes are not logged. Outbound traffic that is not blocked is not logged.
Interpreting the log file
The following log information is collected for each packet that is logged:
Fields
Description
Example
Date
Displays the year, month, and day that the recorded transaction occurred. Dates are recorded in the format YYYY-MM-DD, where YYYY is the year, MM is the month, and DD is the day.
2001-01-27
Time
Displays the hour, minute, and seconds when the recorded transaction occurred. Times are recorded in the format: HH:MM:SS, where HH is the hour in 24-hour format, MM is the number of minutes, and SS is the number of seconds.
21:36:59
Action
Indicates the operation that was observed by the firewall. The options available to the firewall are OPEN, CLOSE, DROP, and INFO-EVENTS-LOST. An INFO-EVENTS-LOST action indicates the number of events that occurred but that were not recorded in the log.
OPEN
Protocol
Displays the protocol that was used for the communication. A protocol entry can also be a number for packets that are not using TCP, UDP, or ICMP.
TCP
src-ip
Displays the source IP address, or the IP address of the computer, that is trying to establish communications.
192.168.0.1
dst-ip
Displays the destination IP address of a communication try.
192.168.0.1
src-port
Displays the source port number of the sending computer. A src-port entry is recorded in the form of a whole number, between 1 and 65,535. Only TCP and UDP display a valid src-port entry. All other protocols display a src-port entry of -.
4039
dst-port
Displays the port number of the destination computer. A dst-port entry is recorded in the form of a whole number, between 1 and 65,535. Only TCP and UDP display a valid dst-port entry. All other protocols display a dst-port entry of -.
53
size
Displays the packet size in bytes.
60
tcpflags
Displays the TCP control flags that are found in the TCP header of an IP packet:
? Ack acknowledgement field significant
? Fin No more data from sender
? Psh Push function
? Rst Reset the connection
? Syn Synchronize sequence numbers
? Urg Urgent Pointer field significant
Flags are written as uppercase letters.
AFP
tcpsyn
Displays the TCP sequence number in the packet.
1315819770
tcpack
Displays the TCP acknowledgement number in the packet.
0
tcpwin
Displays the TCP window size in bytes in the packet.
64240
icmptype
Displays a number that represents the Type field of the ICMP message.
8
icmpcode
Displays a number that represents the Code field of the ICMP message.
0
info
Displays an information entry that depends on the type of action that occurred. For example, an INFO-EVENTS-LOST action creates an entry for the number of events that occurred but were not recorded in the log from the time of the last occurrence of this event type.
23
Note The hyphen (-) is used for fields where no information is available for an entry.
Using command-line support
Windows Firewall Netsh Helper was added to Windows XP in the Microsoft Advanced Networking Pack. This command-line helper previously applied to IPv6 Windows Firewall. With Windows XP Service Pack 2, the helper now includes support for configuring IPv4.
With Netsh Helper, you can now:
? Configure the default state of Windows Firewall. (Options include Off, On, and On with no exceptions.)
? Configure the ports that must be open.
? Configure the ports to enable global access or to restrict access to the local subnet.
? Set ports to be open on all interfaces or only on a specific interface.
? Configure the logging options.
? Configure the Internet Control Message Protocol (ICMP) handling options.
? Add or remove programs from the exceptions list.
These configuration options apply to both IPv4 Windows Firewall and IPv6 Windows Firewall except where specific functionality does not exist in the Windows Firewall version.
Gathering diagnostic data
Windows Firewall configuration and status information can be retrieved at the command line by using the Netsh.exe tool. This tool adds IPv4 firewall support to the following Netsh context:
netsh firewall
To use this context, type netsh firewall at a command prompt, and then use additional Netsh commands as needed. The following commands are useful for gathering firewall status and configuration information:
? Netsh firewall show state
? Netsh firewall show config
Compare the output from these commands with the output from the netstat �ano command to identify the programs that may have listening ports open and that do not have corresponding exceptions in the firewall configuration. Supported data gathering and configuration commands are listed in the following tables.
Note Settings can be modified only by an administrator.
Data Gathering
Command
Description
show allowedprogram
Displays the allowed programs.
show config
Displays the detailed local configuration information.
show currentprofile
Displays the current profile.
show icmpsetting
Displays the ICMP settings.
show logging
Displays the logging settings.
show opmode
Displays the operational mode.
show portopening
Displays the excepted ports.
show service
Displays the services.
show state
Displays the current state information.
show notifications
Displays the current settings for notifications.
Configuration
Command
Description
add allowedprogram
Used to add excepted traffic by specifying the program's file name.
set allowedprogram
Used to modify the settings of an existing allowed program.
delete allowedprogram
Used to delete an existing allowed program.
set icmpsetting
Used to specify allowed ICMP traffic.
set logging
Used to specify logging options for Windows Firewall either globally or for a specific connection (interface).
set opmode
Used to specify the operating mode of Windows Firewall either globally or for a specific connection (interface).
add portopening
Used to add excepted traffic by specifying a TCP or UDP port.
set portopening
Used to modify the settings of an existing open TCP or UDP port.
delete portopening
Used to delete an existing open TCP or UDP port.
set service
Used to enable or drop RPC and DCOM traffic, file and printer sharing, and UPnP traffic.
set notifications
Used to specify whether notifications to the user when programs try to open ports are enabled.
reset
Resets firewall configuration to default. This provides the same functionality as the Restore Defaults button in the Windows Firewall interface.
Troubleshooting the firewall
Along with program compatibility issues, the Windows Firewall may experience other problems. Follow these steps to diagnose problems:
1. To verify that TCP/IP is functioning correctly, use the ping command to test the loopback address (127.0.0.1) and the assigned IP address.
2. Verify the configuration in the user interface to determine whether the firewall has been unintentionally set to Off or On with No Exceptions.
3. Use the netsh commands for Status and Configuration information to look for unintended settings that could be interfering with expected behavior.
4. Determine the status of the Windows Firewall/Internet Connection Sharing service by typing the following at a command prompt:
sc query sharedaccess
(The short name of this service is SharedAccess.) Troubleshoot service startup based on the Win32 exit code if this service does not start.
5. Determine the status of the Ipnat.sys firewall driver by typing the following at a command prompt:
sc query ipnat
This command also returns the Win32 exit code from the last start try. If the driver is not starting, use troubleshooting steps that would apply to any other driver.
6. If the driver and service are both running, and no related errors exist in the event logs, use the Restore Defaults option on the Advanced tab of Windows Firewall properties to eliminate any potential problem configuration.
7. If the issue is still not resolved, look for policy settings that might produce the unexpected behavior. To do this, type GPResult /v > gpresult.txt at the command prompt, and then examine the resulting text file for configured policies that are related to the firewall.
Configuring Windows Firewall Group Policy
Contact your network administrator to determine if a Group Policy setting prevents programs and scenarios from running in a corporate environment.
Windows Firewall Group Policy settings are located in the following Group Policy Object Editor snap-in paths:
? Computer Configuration/Administrative Templates/Network/Network Connections/Windows Firewall
? Computer Configuration/Administrative Templates/Network/Network Connections/Windows Firewall/ Domain Profile
? Computer Configuration/Administrative Templates/Network/Network Connections/Windows Firewall/ Standard Profile
From these locations, you can configure the following Group Policy settings:
? Windows Firewall: Allow authenticated Internet Protocol security (IPsec) bypass
? Windows Firewall: Protect all network connections
? Windows Firewall: Do not allow exceptions
? Windows Firewall: Define program exceptions
? Windows Firewall: Allow local program exceptions
? Windows Firewall: Allow remote administration exception
? Windows Firewall: Allow file and print sharing exception
? Windows Firewall: Allow ICMP exceptions
? Windows Firewall: Allow Remote Desktop exception
? Windows Firewall: Allow Universal Plug and Plan (UpnP) framework exception
? Windows Firewall: Prohibit notifications
? Windows Firewall: Allow logging
? Windows Firewall: Prohibit unicast response to multicast or broadcast requests
? Windows Firewall: Define port exceptions
? Windows Firewall: Allow local port exceptions
�
�
ZoneAlarm Firewall Workshop
This workshop is for users having problems playing an online game with ZoneAlarm running.
Solution: Turn Gaming Mode on in ZoneAlarm
Right Click the ZA icon in the System tray & Select Game Mode.
If you wish to perform advanced configurations follow the following directions:
If you are having problem getting an online game to run properly, the first
thing to do is to check the game's help files or support site. Try searching
for the word ZONEALARM, if that does not show anything, try the word
FIREWALL. Follow those instructions. For generic firewall information, use
the instructions below that apply to the manufacturer's instructions:
1) Many games run in 'exclusive' full screen mode. This prevents
ZoneAlarm Alerts, as well as normal windows error messages, from
appearing. When you are unable to see a ZoneAlarm Alert while you are
playing a full screen game there are a few things you can do to attempt to
remedy the problem:
- Set your game to run in a window. This will allow you to see the alert if
the game is running in a resolution lower than your desktop. If your
mouse is locked to the game try pressing the windows key, and you should
be able to use the mouse to click on the alert. Then simply reset the
game to run full screen after allowing it Internet access. Check the game
documentation or support site for information on how to run the game in a
window.
- Change your rendering mode to 'Software Rendering'. This will allow
Windows to overlay the ZoneAlarm Alert on top of your game screen. After
allowing Internet access, you can change back to your preferred rendering
device. Check the game documentation or support site for information on
how to change this.
- Press Alt-Tab to toggle back into windows. This leaves the game running,
but allows you to respond to the alert. Once you have allowed Internet
access you press Alt-Tab again to restore your game. This may cause
some applications to crash, especially if you are using Glide or OpenGL;
however, the problem should be corrected the next time you run the
game. Sometimes you can use Alt-Enter in the place of Alt-Tab.
2) Some games require that you add the manufacturer's game servers to
your Trusted Zone (by name, IP address, IP range or any combination).
You should be able to find this information in the game documentation, or
from the game manufacturer's web site. Please do the following to add a
trusted Host/Site, IP Address or IP Range to your Trusted Zone.
- Click on Firewall -> Zones -> Add
- Select IP Address, subnet, IP range, or site. (a range cannot be larger
than a subnet)
- Under Description, enter a name or description.
- Enter the Host/Site, IP Address, subnet or Range.
- Click OK then click Apply.
You should add ALL of the information as stated by the manufacturer in
order to avoid connection problems.
3) Some online games require specific ports to be opened. You can learn
more about these requirements within the documentation for your game,
or from the manufacturer's web site. Click on Firewall -> Main -> Internet
Zone -> Custom button. Scroll down to the appropriate port type, TCP or
UDP and Incoming or outgoing. Check the box next to the appropriate port
and a text box will appear where you can enter the port number(s) below.
Type the port number or range (i.e. 6970-7070) you would like opened.
4) You can add the program before you run it. Check with the
manufacturer's support site for the name of any executable programs that
will require access. In the Programs panel, scroll down to the white area at
the bottom of the programs list. Right-click and highlight Add Program.
Browse to the directory that contains the executable you are looking for
and click Open.
You can also specify the default behavior of new applications, to allow it
access without asking (however, you should turn this back to the default of
Ask, or else Deny once you have the program listed and configured). Go to
Program Control -> Main -> Advanced button -> Access Permissions tab;
change all settings to Accept, and click Apply. Start the game, connect to
the Internet, stay connected for several minutes, then disconnect. Check
the Program settings for the game.
5) If you are using Voice Over IP (Dialpad, game and chat software voice
ability, etc), there are several ways you can use this feature with
ZoneAlarm running.
- You will need to give the program access rights, and Server rights. If you
know the actual IP address of the person or system that you will be talking
to, you can try adding that IP address to your Trusted Zone, and then the
program will only require those rights for Trusted Zone. Otherwise you will
need to open ports in the firewall to accept incoming requests.
Note: If you plan to host your own game, the information in 5) above will
also work.
In some cases you may need to drop the Internet Zone to Medium while
Playing. Setting the Internet security level to medium does not leave you
unprotected, as ZoneAlarm, in addition to its firewall capabilities, provides
protection against hackers through its unique application control feature.
Our product only allows applications the user specifically approves to
communicate through the Internet. Our two measures of security taken
together provide the utmost protection for our users.
�
Norton Internet Security 2008
STEP 1
Allow access to the program in Firewall Program Rules
� �
1) Start Norton Internet Security.
2) In the main pane, click Norton Internet Security tab.
3) Click Settings.
4) Under Web Browsing, click Personal Firewall and then click Configure.
5) In the left side of Norton Internet Security Options window, click Personal Firewall and then click Program Control.
6) In the Program Column, select the specific program.
7) Change the Access from Block or Custom to Allow.
8) Click OK.
STEP 2
�
Delete temporary files
� �
1) Run a tool to delete the temporary files. RUN IT NOW
2) After the tool runs, restart your computer.
STEP 3
� Delete cookies and Internet temporary files
� �
1) Open Internet Explorer.
2) On the Tools menu, click Internet Options.
3) On the General Tab, under Browsing History, click Delete.
4) Click Delete files, and then click Yes.
5) Click Delete cookies, and then click Yes.
6) Click Close, and then click OK.
Norton 360 Version 3.0
If your Internet-enabled application or device cannot access the Internet after installing Norton 360 Version 3.0, then read the document:
Modify the Firewall Program Rules
1) Start Norton 360.
2) Click Settings.
3) Click Firewall.
4) On the Programs Rules tab, in the Program column, scroll through the list until you find the program that you want to allow access. For example, if you are unable to use GameSpy Arcade, scroll through the list until you find the entry for GameSpy Arcade. The rule for Yahoo! Messenger will be listed like:
Yahoo! Messenger
C:\Program Files\GameSpy Arcade\Aphex.exe
5) Do one of the following:
� �* � � �If you find the entry for the executable file of the program, change the Access to Allow and go to line 14
� �* � � �If you are unable to find the entry for the executable file, click Add and go to line 6.
6) Select the executable file that you need to configure and click Open.
7) Click Manually configure Internet access (Recommended) from the drop-down list and then click OK.
8) Click Allow, and then click Next.
9) Choose the default setting of "Any computer," and click Next.
10) To apply this rule to all ports (default option), select "All types of communication (all ports, local and remote)", and click Next.
11) Click Next.
12) Specify a text description for this rule, and then click Next.
13) Review the information about the rule. If it is correct click Finish, and then click OK.
If it is incorrect, use the Back button to go back to a previous step and make changes.
14) Click Apply.
15) Click Close.
16) Try to use the program.
McAfee Personal Firewall Workshop
Security Levels for McAfee Personal Firewall
Summary: This article explains the various security levels available in Personal Firewall
Affected Suites:
Affected Products:
Affected Operating Systems:
Total Protection
Internet Security Suite
VirusScan Plus
Personal Firewall
Windows 2000
Windows XP
Windows Vista
Description
The McAfee Personal Firewall security levels allow you to control how much interaction is required to validate communications to and from your computer. When the firewall detects network communication that does not have a rule defined for handling, an alert will display prompting you to allow or block that communication. The more restrictive a security level chosen the greater the number of rules are in effect, and more options and alerts�are displayed.
In version 9, there are 6 levels available in the security slider on the Firewall,�Security Level page as well as the Lockdown button under common tasks, and the on / off radio buttons in the Firewall protection windows on the Internet & Network Configuration page.
In version 10, there are 3 levels on the Firewall Security Level page as well as the Lockdown button under common tasks, and the on / off radio buttons in the Firewall protection windows on the Internet & Network Configuration page.
Security Levels for McAfee Personal Firewall
The security level ranges from Lockdown to Open
Security Levels
Version 9
Version 10
Functionality
SLIDER
OTHER
SLIDER
OTHER
Lockdown
Y
Y
N
Y
Blocks all connections this is similar to unplugging the network cable.
Stealth
Y
N/A
Y
N/A
Blocks all connections you haven�t configured a rule for. This setting is used to hide your computer's presence on the Internet.
Tight
Y
N/A
N/A
N/A
Alerts allow the user to grant access for application once. Any future changes must be made manually from the Program Permissions pane in MSC.
Standard
Y
N/A
Y
N/A
Alerts allow the user to grant access for applications. Future changes to access will present a new alert allowing the user to update access.
Trusting / Automatic
Y
N/A
Y
N/A
Little or no action is required by user for connections to be allowed.
Open
Y
Y
N
Y
Allows all connection types to any location, this is similar to turning off the firewall. This is similar to turning off the firewall.
Solution
Steps to Configure Security Settings:
1. Right-click the McAfee icon and select Open SecurityCenter.
2. From the Home menu select�Internet & Network,��then select Configure.
3. From the Firewall protection is enabled section click�Advanced�.
4. From the Security Level section you can change the security level by moving the slider up or down to the desired level.
5. Click Apply to save the settings, and OK to close the Advanced panel.
NOTE: If you are a novice user we recommend using the default settings.
Other Firewall Controls
Lockdown Firewall:
You can use the�Lockdown Firewall feature to instantly block all network�communication between your computer and any network, including the Internet.
1. On the McAfee SecurityCenter pane under Common Tasks, click Lockdown Firewall.
2. On the Lockdown Firewall pane, click�Lockdown or Enable Firewall Lockdown.
3. Click Yes to confirm.
NOTE: You can also Lockdown Firewall by right-clicking the SecurityCenter icon�in your taskbar, clicking Quick Links, then clicking Lockdown Firewall.
Restore Firewall settings
You can quickly restore Personal Firewall to its original protection settings.
Restore resets your security level to Trusting and allows outbound-only network access, enables Smart Recommendations, restores the list of default programs and their permissions in the Program Permissions pane, removes trusted and banned IP addresses, and restores system services, event log settings, and intrusion detection.
1. On the McAfee SecurityCenter pane, click Restore Firewall Defaults.
2. On the Restore Firewall Protection Defaults pane, click Restore Defaults.
3. Click Yes to confirm.
NOTE: You can also restore the Personal Firewall default settings by right-clicking the SecurityCenter icon in your taskbar, clicking Quick Links, then clicking Restore Firewall Defaults.
Stop firewall protection
You can disable Personal Firewall if you do not want to protect your computer from intrusion and unwanted network communication. When Firewall is disabled, you cannot manage inbound or outbound Internet connections.
NOTE: For your protection, McAfee does not recommend disabling the Personal Firewall.
1. On the McAfee SecurityCenter pane, click Internet & Network, then click Configure.
2. On the Internet & Network Configuration pane under Firewall protection is enabled, click Off.
Detailed Description of firewall levels:
? Lockdown: Blocks all inbound and outbound network connections including access to Web sites, e-mail, and security updates. This security level has the same result as removing your connection to the Internet. You can use this setting to block ports you previously�opened on the System Services pane.
? Stealth: Blocks all inbound Internet connections, except open ports, hiding your computer's presence on the Internet. The firewall alerts you when new programs attempt outbound Internet connections or receive inbound connection requests. Blocked and added programs appear on the Program Permissions pane.
? Tight: Alerts you when new programs attempt outbound Internet connections or receive inbound connection requests. Blocked and added programs appear on the Program Permissions pane. When the security level is set to Tight, a program only requests the type of access it requires at that time, for example outbound-only access, which you can either allow or block. Later, if the program requires both an inbound and an outbound connection, you can allow full access for the program from the Program Permissions pane.
? Standard: Monitors inbound and outbound connections and alerts you when new programs attempt Internet access. Blocked and added programs appear on the Program Permissions pane.
? Trusting/Automatic: Allows programs to have either inbound and outbound (full) or outbound-only Internet access.
? Open: Allows all inbound and outbound Internet connections (Not recommended).
How to configure McAfee Personal Firewall to allow inbound connections on specific ports
Summary: This article will help you configure your McAfee software to allow remote connections to your system.
�
Affected Suites:
Affected Products:
Affected Operating Systems:
Total Protection
Internet Security Suite
PC Protection Plus
VirusScan Plus
Personal Firewall
Windows 2000
Windows XP
Windows Vista
Description
McAfee Personal Firewall has default security levels set to block remotely initiated connections. These settings help protect your computer from malicious activities.
The default settings allow your computer to access remote computers, but will block other computers from accessing your computer. If you would like remote computers to be able to connect to your computer, you must configure Personal Firewall to allow incoming connections.
When sharing resources, there are several ways that data access may be restricted:
? By port (security software such as Personal Firewall)
�
? By settings in your Router (such as a built-in firewall)
�
? By your Internet service provider.
Note: Router issues may be related to the default access rules or the maximum number of connections allowed by the router itself. If the router reaches its maximum number of connections, it may refuse subsequent connection attempts. Router connection issues can appear to be a problem with your McAfee software or other applications; however the solution generally requires you to either reset your router or configure your router to allow more connections at one time. Please consult the manual for specific instructions before attempting to configure reset your router.
To open the required ports in McAfee SecurityCenter, perform the steps below:
1. Double-click the M icon.
2. Click Internet & Network.
3. Click Configure.
4. Below Firewall protection is enabled, click Advanced.
5. From the Firewall menu on the left, select System Services.
6. Click Add.
7. Type the Program name of the application or service to help identify the new rule.
8. Type the Inbound and Outbound TCP/IP ports required by the application.
Note: Fill in the rest of the Ports and System Services fields as required by the application. This is optional.
�
9. Click OK, then click OK again.
10. Restart your computer.
11. After your computer has restarted, verify that the application functions correctly.
Important:
- If you have a local firewall or router you must configure an inbound rule to enable the port(s) required by the application to direct the traffic to your computer.
- Opening the same ports on both your router and computer can allow undesired connections, so extra care must be taken to ensure that your system is secure.
�
Adding an application to the McAfee Personal Firewall Allowed Program list
Summary: This FAQ article will assist you in creating an Allowed Program list rule for applications requiring Internet access through your Personal Firewall.
Affected Suites:
Affected Products:
Affected Operating Systems:
Total Protection
Internet Security Suite
PC Protection Plus
VirusScan Plus
Personal Firewall
Windows 2000
Windows XP
Windows Vista
�
Description
Typically, McAfee Personal Firewall will prompt you to accept or refuse an application's attempt to access the Internet. When you make your selection, a rule is created in the Firewall to enforce your choice.
If an application does not have a rule allowing it to access the Internet, your Personal Firewall will block the application to protect your computer. You can add applications to the Allowed Programs list using the following steps:
1. Double-click the M icon in your taskbar.
2. Select Internet & Network, then click Configure on the right.
3. In the section titled Firewall protection is enabled, click Advanced.
4. Select Program Permissions from the Home list on the left.
5. Click the Add Allowed Program button on the right.
6. Use Windows Explorer to browse and locate your application .exe.
7. Click OK and close SecurityCenter.
|
| Workshops |
|
If you would like to see a Workshop for a Game or a GameSpy features that isn't listed then feel free to give your suggestion to one of the volunteers. The more requests on a Workshop the more likely it'll be created. Thanks for your Cooperation.
|
|
Copyright 1996-2010, IGN Entertainment, Inc.
Website created by [HELP]Astinos and [HELP]Info_Man
|
|
|
|
Main
Arcade
Other
Comrade
IGN Sites