Here's what McAfee firewall look like (4.0) for those who wanted to know.

Discussion in 'other firewalls' started by notageek, Apr 22, 2003.

Thread Status:
Not open for further replies.
  1. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    Here's the main part of the firewall.
     

    Attached Files:

    • MFW1.JPG
      MFW1.JPG
      File size:
      60.8 KB
      Views:
      587
  2. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    Here's what the Control Internet programs look like. It's not a bad Firewall just has a little learning curve and also leaves port 135 open if you're running WinXP. I'm not sure how to close it.
     

    Attached Files:

    • MFW2.JPG
      MFW2.JPG
      File size:
      71.7 KB
      Views:
      587
  3. Tinribs

    Tinribs Registered Member

    Joined:
    Mar 14, 2002
    Posts:
    734
    Location:
    England
    more than 100 warnings, and i bet most, if not all, were harmless packet transfers.
    Thats the thing with Firewalls, half the stuff they alert on (especially Zonealarm) is harmless, its a shame because the average 'as long as it does its job' user doesn't want to see hundreds of alerts as he instantly thinks he's under attack comparable to WWIII.

    But veering off topic there, how does it run? are the rules easily customiseable?


    Edit* sorry, looks like I replied in the middle of the screenies! :oops: :blink:
     
  4. Tinribs

    Tinribs Registered Member

    Joined:
    Mar 14, 2002
    Posts:
    734
    Location:
    England
    Leaving port135 open is often a cause of 'Generic Host Process' (svchosts) whch you have highlighted there, make sure its not running as a server (a common Sygate problem with Port 135 and new users)
     
  5. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    The rules are a little hard to do if you're a newbie to rule based firewalls. I would say that Kerio is a little easier to fix the rules than McAfee. I know most of the hits where harmless the only hits that wasn't harmless is the ones I did when I ran tests on it.
     
  6. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    Yeah I have Generic host blocked and still have the port opened. I never had the problem with Sygate just the problem that Weather Pulse would access the internet without asking. It piggybacked Proxo lol. But to the rules, if you know what you're doing on rule based firewalls I'm sure it will be easy to set up. The only thing I find sad is that All the McAfee programs are program in the filter for you. I see Virus scan not having no point in going online only the updater. lol
     
  7. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    Thanks for the pics.
    Can you show a shot of the page that shows when you make a rule? You know, what options you have.
    Also, can you make global system rules, such as block ports 135-139 UDP?
     
  8. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    Here you go Root. This is my filter for Generic host. I have it blocked though. You have to click on each of the blue writing to make a filter.
     

    Attached Files:

  9. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    Oh yeah I haven't found a place so you can make a global system rule. You have to add a program to make a rule.
     
  10. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    Interesting. Thanks.
    Doesn't look anything like Signal9s old firewall. I wonder if it uses the same engine?
    You might try making a rule for SVCHOST.EXE specifically blocking port 135. Not sure if you can do that though.
     
  11. eyespy

    eyespy Registered Member

    Joined:
    Feb 20, 2002
    Posts:
    490
    Location:
    Oh Canada !!
    Thanks for the pics, NaG !
    I always wondered what McAfee FW was like !
    Keep us posted on it's performance.
    I also like the GUI of McAfee FW. Neat and tidy.


    Nice work ! ;)

    regards,
    bill :)
     
  12. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    Thanks Root and Eyespy. this firewall get rather annoying with the pop up messages. Everytime I allow a porgram and put a checkmark in remember this it keeps asking. Right now I have to allow all cuz Proxo is not playing nice with McAfee FW. They was getting along and now they aren't. lol Still working on find a way to block port 135. As soon as I get Proxo adn the firewall to work together again I'll try on a rule and let you guys know if it works.
     
  13. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    Well I gave McAfee FW a try and thought it was a nice FW but I have some gripes with it. The first is that it lefts port 135 open. the next gripe is that it don't play will with proxo. Every time I put a checkmark in the remember this it block proxo. I had that silly little Eye in a triangle page that says the page can't be found or something like that. It even did it on this board. You also have to allow incoming on a few programs just so they can works. I tried making a rule for Proxo and still got the same web page. I also found that it took a little more mem than the virus scan does. The FW might be good for some but I didn't really care for bulky app. :) I unistalled it and went back to Sygate even though it has it share of problems. I'm waiting for the new Sygate or Outpost. which ever one that comes out first will get me to download and use. :) I hope this little post help some people.
     
  14. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    Hang on long enough to at least try Outpost.
    It's looking good. ;)
     
  15. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    I think outpost might be out before Sygate getes there bugs fixed. But I really want to try outpost. How does it work with XP HE?
     
  16. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    The ones I know that are using XP aren't complaining. That's where they put a lot of effort into the new features and fixes.I really believe its going to be a very popular firewall.
     
  17. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    I'm looking forward in trying it. Any word on when it will be released?
     
  18. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    Nope. :)
     
  19. mothman

    mothman Registered Member

    Joined:
    Apr 28, 2003
    Posts:
    10
    Location:
    So Cal
    Hi. New to the forum. 1st post. I've been using 5.0 standard version for a few weeks and aside from a few things that enabled as the default, SPF 5.0 is shaping up to be a really great rules based firewall. What 'bugs' are you referring to in Sygate?
     
  20. Tinribs

    Tinribs Registered Member

    Joined:
    Mar 14, 2002
    Posts:
    734
    Location:
    England
    I'm no expert Mothman but I believe a major concern is that Sygate cant filter LocalHost, for instance if you were running a proxy any program can connect to this proxy and get out without any warning from Sygate.

    Like I say I'm not good with firewalls so someone will be along to correct me or expand more soon.

    :)
    Kev
     
  21. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    Yes tinribs that's the the main bug I seen Sygate have. I sure there's other minor bugs with Sygate but lot of programs haves bugs in them. ;) But I heard Sygate was going to have this fixed in the next update.


    Mothman, Sygate isn't a true full ruled based firewall. It's rule based to a point. Kerio on the other hand is a full rule based firewall. ;)
     
  22. mothman

    mothman Registered Member

    Joined:
    Apr 28, 2003
    Posts:
    10
    Location:
    So Cal
    So what makes Sygate *not* a "true" rules based firewall. Or are you overruling it simply because of what Tinribs said about apps using the web if you're using a proxy. I want to know because despite the few items that really chap my ass about Sygate, I still like it a lot more than ZA.

    I used ZA for almost 4 yrs because it was a perfect no brainer firewall--it did the job w/o me having to specify rules about protocols that I did not want to learn about. But then I had to remove it bc it interfered with my connection and thats when the nightmare began.

    Ended up having to reinstall Windows and once I got over being disgruntled about that decided on using a firewall that wasn't going to wrap itself so tightly around my system that if I removed it would wreak havoc. Sygate was my 2nd choice.

    After I learned how to configure it and became familiar with setting up advanced rules and got over being pissed about every application having server privs enabled *by default,* I've been really happy with it. It passes port security scans, etc. and I use an IDS as well so I'm assured that my system is relatively secured at least for now. If someone really wanted to hack into my system then I'm sure neither firewall nor IDS would stop him but for me, SPF is good enough for the moment.
     
  23. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    Sygate is an application/rule based. Maybe someone else can explain it a little better.
     
  24. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,331
    Location:
    Netherlands
    Hi mothman,

    I don´t know if you´re familiar with this site: http://bellsouthpwp.net/i/k/ikpe/
    It helped me a lot when trying to learn a little more about configuring SPF.

    Regards,

    Pieter
     
  25. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    Pieter I stepped away from my computer for a little and came back and was going to put up the same link as you did. You beat me to it. :)
     
Loading...
Thread Status:
Not open for further replies.