Application Layer Gateway Service requests incoming access?

Discussion in 'other firewalls' started by vincenzo, Aug 3, 2006.

Thread Status:
Not open for further replies.
  1. vincenzo

    vincenzo Registered Member

    Joined:
    Nov 28, 2005
    Posts:
    151
    I've just installed the McAfee firewall and I am seeing the Application Layer Gateway Service alg.exe requesting incoming (server) access. Is this something that is normal and should be allowed? I've been told that very few services need incoming access.

    Thanks
     
  2. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Hi vincenzo,
    Application Layer Gateway is only needed for windows firewall and ICS (internet connection sharing). If you are not using either of these you can block all comms for alg.exe
     
  3. vincenzo

    vincenzo Registered Member

    Joined:
    Nov 28, 2005
    Posts:
    151
    OK thanks for the info.

    Is it normal for alg to request access for incoming communication, or does this indicate the presence of some sort of malware?

    Thanks
     
  4. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Hi vincenzo,
    I have never had this service/application run on my PC to actually monitor.
    (When this service/application is run for ICF/ICS then it does actually require inbound/outbound FTP)
    without much more info, it would be difficult for me to determine.

    First check the location of alg.exe,.. this should be at (only) \windows\system32\
    Have you an AV/malware scanner installed?

    For peace of mind, you could perform "online scans"
    http://www.trendmicro.com/hc_intro/default.asp
    http://www.kaspersky.com/virusscanner
     
  5. BlitzenZeus

    BlitzenZeus Security Expert

    Joined:
    Feb 11, 2002
    Posts:
    451
    Location:
    Oregon, USA
    Alg invisibly redirects traffic when its running, for example if you are setup as an internet gateway your firewall must allow this to allow the traffic to the other machines on the lan, also if your not using either if these features it will still redirect non-passive ftp traffic, which means that traffic must be allowed.

    If your not running the XP firewall, and have no plans on using your computer as an internet gateway stop and disable the service. Start -> Run: services.msc from an admin account.
     
  6. vincenzo

    vincenzo Registered Member

    Joined:
    Nov 28, 2005
    Posts:
    151
    OK thanks to all for the help.
     
Thread Status:
Not open for further replies.