McAfee Desktop firewall 8.5 port 1034 open

Hi!

I just installed McAfee Desktop firewall. When i do online scans (grc.com and pc.flank), they say port 1034 is open. How i can close that port? Computer is scanned with several AV's and other malware proggies.


Thanks,


Ludow

[musicman]

Hello Ludlow:
I suggest going to McAfee Website and download the manual pdf file on the firewall, this should give you the necessary info on how to stealth port 1034. Also if you wish contact tech support they also should help

Thanks for the reply. Have a great one.

[CrazyM]

You could try doing a netstat to determine which process is listening on that port (likely a Windows service) and then check your firewall rules for that service and make sure it is not allowing inbound connections.

Regards,

CrazyM

Hi CrazyM. Thanks for the advice. Nokia'a mrouter (mobile device) was listening/opened that port. It's sorta strange cause other FWs don't do that . It must be FW spesific "feature". So McAfees Desktop 8.5 FW ain't water proof.


Best regards,

Ludow

[Kerodo]

Has to be your configuration there. I am using this firewall right now with great results. I am extremely impressed with it. Perhaps you can create a rule for that app to block any inbound traffic? That might do it.

Yep, its bullet proof, one of the best offerings to come out currently and that too surprisingly from McAfee, check out SSC review at http://www.fluxgfx.com/ssc/showthrea...=newpost&t=173

[Kerodo]

Yep, this is a real nice firewall guys.. Been using it here for a while today, on Jazzie's recommendation. Very cool..

I didn't realize this thread was so ancient, sorry. But this one deserves mention. Nice rule based firewall with IDS and some excellent anti-hooking features as well. Kinda like a firewall/ids/anti-hook combo that's really nice. Light as well. Very light.

Highly recommended anyway... for anyone wanting to try it out. See the link Arup posted above or check out this one also:

http://www.mcafee.com/us/products/mc...p_firewall.htm

[CrazyM]

McAfee acquired Signal 9 (ConSeal PC Firewall) some time ago, and it was a solid packet filter. Perhaps McAfee Desktop Firewall is where they have taken development of that code to.

Regards,

CrazyM

Crazy M,

I would guess so, it does look quite familiar to Conseal, specially the rule making.

[Jazzie1]

Hi all!

I want to stress that while in learning mode with either the packet filter and or the application filter, the fw will ask permission for every connection attempt(s). I don't have any 'inbound' rules so I disable the inbound learning. Plus, it is not necessary to have the ids enabled if you don't have any inbound services! Meaning all your ports closed!!! By defualt you should place your clients behind the 'High Client Security' policy---


Regards
Jazzie

[muf]

Well i just tried to download this v8.5 McAfee Firewall. Filled in the form and hey presto! tells me i'm in a country that USA can not sell to by law. So please tell me, since when did the USA change the law so that they can't sell to a resident of the United Kingdom? What hope for the firewall if their form can't even recognise i'm in England!!!

muf

[shoe]

Good question I would post it here.

http://forums.mcafeehelp.com/viewfor...d16ab5f6d717bf

[Chuck57]

I downloaded McAfee Desktop firewall a few hours ago and have a question. In View - Firewall policy I have enable firewall checked, learn mode I have incoming enabled NOT checked and outgoing checked. Does that sound right, or should they both be checked. Haven't made any incoming rules, and the firewalls shows fully stealthed at grc.com, pcflank, and at Sygate.

I like this firewall. All I need to do is justify to myself why I need another one. This could become my main firewall.

[Jazzie1]

Yes that is correct! Even if you would have incomming checked, Mcafee would still ask you if the connection is ok to establish.. Like I stated before, if you don't have any inbound connection(s) than leave the inbound learning rule off...You will notice that if you turn of the app hook-app/monitor learning mode that nothing else that isn't allready on your list will be able to connect. So it is a good idea, to let the learning mode stay enabled for a few days (running all the apps that connect to the inet) and than turn it off... Also set the policy to high client security..

Regards
Jazzie

[Chuck57]

Thanks, Jazzie1. Got it, except for Client Security Policy. I don't see anything anywhere about it. It's listed in the help files, but doesn't say where to find it. I've checked all 4 of the policy areas.

[Jazzie1]

Hi! on the Firewall Policy page (first page) there is a drop-down arrow for Protection Level: Custom, Client medium,Client High, ect...Now you might not want icmp or bootp, so you can deselect those by simply removing the checkmarks...



Regards
Jazzie

[Chuck57]

Strange, I don't have a drop down arrow for protection level. There's no place on any of the tabs to set the protection level. I hadn't noticed that before.

I'm trialing this firewall, haven't purchased it. Maybe that's something that comes with purchase.

[Chuck57]

Reference above post. I uninstalled and reinstalled McAfee firewall and the protection level setting showed up. Thanks for the help Jazzie1. Guess the first unzip and install didn't get it all.

[Jazzie1]

Weird, glad you got it going!

Regards
Jazzie

[shoe]

All is stelth for me but ping reply failed on GRC how do I correct it

[Chuck57]

Just ran this firewall through a few leaktests. I was curious how it would perform. It passed all that I tried. I was warned of the applications trying to open, denied them, and they didn't open.

I'm assuming that if I had allowed the .exe to open I would have granted permission for the test to run. By not allowing it to open, it couldn't run. I've never run leaktests before, and am guessing that's how it's supposed to be done.

The more I play with this McAfee firewall, the more impressed I am.

[RobZee]

Quote:

Originally Posted by muf

Well i just tried to download this v8.5 McAfee Firewall. Filled in the form and hey presto! tells me i'm in a country that USA can not sell to by law. So please tell me, since when did the USA change the law so that they can't sell to a resident of the United Kingdom? What hope for the firewall if their form can't even recognise i'm in England!!!

muf

On my first attempt to download it, I was also rejected, but I just thought they didn't properly recognize Texas! Second attempt was successful.

Rob

[theshadow247]

Quote:

By defualt you should place your clients behind the 'High Client Security'

every time i try to put my protection level at client high all my rule made from learning disappear and my protection level goes back to custom.how can i save the rules made from learning mode.

[ellison64]

you can save all your rules by clicking task>export policy.It will be saved as a MDFPolicy.pfr file.You can save it (with any name) where you want to.It will then show in the protection level dropdown (where all the other levels are).If you want to load high level for example you will have to untick 1 or both learn mode boxes.
ellison