=)nortion fire wall settings perty pleas

lol im on a windows xp i got nortion personal fire wall
what are the settings on dial up recomendations pleas im new to xp and nortion personal fire wall

 

Hi Blaze,

I hope someone will come by to help you here.
In the meanwhile, could you post the version,
like NPF 2000 or 2001 or 2002 or 2003

 

Some really nice, very useful and free utilities for AtGuard/NIS/NPF (but NOT for the versions 2003 of NIS/NPF).
Everyone that will try to help you, might probably ask you for some info from these utilities!

From Albert:

http://www.capimonitor.nl/index.htm

Go to AtGuard & NIS.

Download and install "Rules Viewer" and "AtGuard NIS Settings".


From Sven:

http://home.debitel.net/user/svenschaef/logview/

Download and install "NIS LogViewer".

 

norton personal firewall 2002

 

Hopefully you followed FanJ's advise and got the utilities mentioned. They will work with 2002 and make life with NIS/NPF alot easier.

The default rules will usually be enough to get you going, but can be improved upon. Is there anything in particular you were wanting clarification on?

CrazyM

 

Hi Blaze,

You might have a look at AGNIS:

http://www.staff.uiuc.edu/~ehowes/resource.htm#AGNIS

It's a free add-on for AtGuard/NIS/NPF from Eric Howes (the man who also makes IE-SPYAD).

I suppose in Brenda's NPF2002 the ad-blocking feature is enabled.......

Well, Agnis contains a longer list of sites than the one which you get by default from Symantec for NPF.
Every time Eric Howes comes with a new version of IE-SPYAD, he gives also a new version of Agnis.
While IE-SPYAD places all those sites in the list in the Restricted Zone of Internet Explorer (and then all those sites have to follow the policy that you have set up for the Restricted Zone), Agnis will simply block connections to all those sites in case an advertisement would like to phone home.

Have a look at that site and read the Read-me.

 

will i was thinking of the act as a sever part like zapro has does notion have simmilar case all i see is permit all and automatic?

i want aol to have acess but i dont want it to act as a sever how does this work in nortion or is zap the only one with that option

 

With ZAPro you have two options for act as a server, Local and Internet.
Some programs may require act as a server for Local (localhost 127.0.0.1 - your system) for which you would you use the local zone/trusted sites in ZA. Unless you are running an actual server (Web, Mail, etc.) none should require acting as a server for the Internet.

With NIS/NPF programs requiring Local server rights (localhost) are covered off by the default loopback rule which allows your system/programs to do this. You do not need to make any rules for this. NIS/NPF/NAV make extensive use of the default loopback rule. To allow a program to act as a server for the Internet would require a specific rule allowing that type of inbound traffic.

If you have created a rule(s) (automatic or custom) for AOL allowing only outbound connections you are fine.

Example of my Trillian rule for AIM:

Rule XX Tillian Instant Messaging - AIM
Category: General
Rule in use: YES
Logging: NO
Protocol: TCP
Action: Permit
Direction: Outbound
Application: (trillian.exe)
..........Path: c:\program files\trillian\trillian.exe
..........SHA1: ad 67 80 f0 ae 76 14 bf f6 2c 27 fc 5e cf 5f ad 50 f0 1a 4a
........Access: Custom
Local service: (1024 - 5000)
..Range Begin: 1024
.....Range End: 5000
Local Address: Any Address
Remote Service:
..........Port: 5190
Remote Address: Any Address

This allows outbound for IM chat only. If you let NIS/NPF automatically create rules for AIM, you will likey have several in your rule set. You can always review/customize these rules and delete those you will not require.

I would recommend disabling automatic rule creation (found under Personal Firewall > Internet Access Control > Configure).

If you leave this enabled NIS/NPF will automatically create rules for applications without your knowing if it has auto config files for the application.

You are better off to disable it, then when the rules assistant/wizard pops up for a new application, you can still allow NIS/NPF to automatically create a rule(s) for you, just select NO when it prompts you to allow automatic rule creation again. You can always go into Internet Access Control and customize the automatic rules afterwards to suit your specific needs. One of the nice things about a rule based firewall is the ability to customize your rule set to meet your specific requirements/needs.

Hope this helps. Be sure to let us know if you have any further questions about customizing your rule set.

CrazyM

 

Hi Blaze,

I saw that CrazyM posted some better answer, so I deleted some of mine.

Utilities that could help you here, are Rules Viewer and Log Viewer (I mentioned them earlier in this thread).

With Log Viewer you can get a good overview over the connections that an application has made:
From which ports at your PC,
To which url (remote address),
And at which remote port at that remote address.

Have a look at this screenshot for an example:
http://home.debitel.net/user/svenschaef/logview/images/lvmain.gif


With Rules Viewer you can see all the rules.
Rules are processed by NPF from top to bottom.
As soon as a rule could be followed by NPF for a certain connection, no other rules beneath it will be looked at by NPF. That’s why it is important to have the right order (sequence) for the rules.

Install Rule Viewer and read it’s read-me.
Rules Viewer gives you the possibility to make a text file with all your rules.
If you like, you could copy them and post them here.
But it might be a much and much too big list!
So we have to think about that.
Here is a very short example of how such a list of rules might look like:


Example Rules:
------------------------------------------------------
Rule 2 Default Inbound ICMP
Rule in use: YES
Logging: NO
Protocol: ICMP
Action: Permit
Direction: Inbound
Application: -
Local Service:
..........Type: 3
..........Type: 0
..........Type: 11
Local Address: Any Address
Remote service: Any Service
Remote Address: Any Address
------------------------------------------------------
Rule 4 Default Inbound DNS
Rule in use: YES
Logging: NO
Protocol: UDP
Action: Permit
Direction: Inbound
Application: Any Application
Local service: Any Service
Local Address: Any Address
Remote Service: (domain)
..........Port: 53
Remote Address: Any Address

 

Blaze,

See these 4 great threads by CrazyM for general guidelines for rules:

http://www.wilderssecurity.com/showthread.php?t=4413

http://www.wilderssecurity.com/showthread.php?t=4419

http://www.wilderssecurity.com/showthread.php?t=4423

http://www.wilderssecurity.com/showthread.php?t=4426

 

Hi. Thought I would ask this since it is a thread about rules in NPF. I'm trying out NPF 2003. I use Ad-Subtract Pro. Win98SE.

I ran a Port 4444 scan for Ad-Subtract Pro at PC Flank to see if it was stealth. It was Open. How do I get Port 4444 stealth using NPF 2003?

I am a novice when it comes to rules based firewalls. NPF is set at default settings.

 

No harm in starting your own thread for your particular issue to keep things from getting confusing.

You could start your own post and include the details for you existing rule in NIS for Ad-Substract Pro as we will need that info to help determine what is going on.

Regards

CrazyM