Firewall Configuration



shadowmonkx
09-12-2000, 09:13 AM
Hiya,

I'm currently using Network-1's CyberwallPLUS-WS to protect my computer... but one problem: it's COMPLEX (boy, I sure am stating the obvious)!!

There are a few things I can't figure out:

1.) If I have the firewall set to the default (allow only outgoing connections), and it's a "stateful packet inspection" firewall, then it *shouldn't* be having any problems with any programs. But, it DOES. Even tho I'm not HAVING any problems, per se, the event log keeps piling up with "Rules Said Fail It" for a LOT of HTTP connections, etc. What's going on?

((Please see http://home.rochester.rr.com/shadowmonkx/firewall.bmp for more information.))

2.) If you had any idea how to do so, could you tell me how to make the firewall as secure as possible, by making sure the settings are correct?

There's a LOT of crap I don't understand -- nodes, rules, protocols... and the manual is bloody 406 pages!!! I have it in .pdf format, and plan to read it (or buy the hardcopy if I can, so I don't fry my frickin' eyeballs out!) -- but what about safeguarding my computer meanwhile?? *eek*

You can get a two-day trial version of the firewall here: http://www.network-1.com/_download/index.htm

I would ASSUME (fairly logically) that putting the firewall on NO connections allowed, and then going from there, would be the best thing to do... but I'm also lost there.

I know that this is asking quite a bit...

When adding/deleting configurations (including mine) the two tabs you have to worry about are "Main" and "Rules".

Thanks and t'care,

-shadowmonkx

This might prove helpful: I asked a few questions of a Network-1 professional, and this is what was said:

Q> If I follow the CyberwallPLUS instructions to enable NAT, will that work on the WS version with Windows 2000 Pro?

A> CWP-WS does NOT do NAT. Windows 2K Internet connection sharing does...read about that set-up.

Define the non-routable addresses as Untrusted nodes and allow them access to the Local Machine.

Q> Is there any way to make CyberwallPLUS allow NO connections, but allow me to configure it for connections as I attempt to make them (eg a pop-up window asking for configuration to allow the connection, much like an application-gateway firewall such as Norton's)?

A> Sure...go to the Rules Tab and delete all the rules...No Connections will be allowed.

Add in ARP and the application ports you want to open....be careful HTTP doesn't use port 80 going out.

CWP-WS is a stateful packet inspection firewall...Not an application proxy/gateway...no Pop ups.
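
Added example, not part of either post and not CyberwallPLUS code or rule syntax: a toy Python model of the setup discussed above, where an empty rule list allows nothing and a single outbound rule plus connection state lets replies back in. It assumes the caution about port 80 refers to a browser's outbound packets carrying destination port 80 and an ephemeral source port; the class names, rule fields and addresses are constructed.

```python
# Added example: toy default-deny stateful filter (not CyberwallPLUS code or rule syntax).
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    direction: str  # "out" or "in", relative to the protected host
    proto: str
    src: tuple      # (ip, port)
    dst: tuple      # (ip, port)

@dataclass(frozen=True)
class Rule:
    direction: str
    proto: str
    port: int
    field: str = "dst"  # which port the rule compares: "dst" or "src"

    def matches(self, p):
        port = p.dst[1] if self.field == "dst" else p.src[1]
        return (self.direction, self.proto, self.port) == (p.direction, p.proto, port)

class StatefulFilter:
    def __init__(self, rules=()):
        self.rules = list(rules)  # empty rule list: nothing is allowed
        self.flows = set()        # flows opened by an allowed outbound packet

    def handle(self, p):
        if p.direction == "in" and (p.proto, p.dst, p.src) in self.flows:
            return "pass (state)"         # reply to a flow this host opened
        if any(r.matches(p) for r in self.rules):
            if p.direction == "out":
                self.flows.add((p.proto, p.src, p.dst))
            return "pass (rule)"
        return "fail (no rule)"           # default deny

# Constructed sample traffic (documentation address ranges, assumed ports).
HOST, WEB, OTHER = ("192.0.2.10", 49152), ("198.51.100.7", 80), ("203.0.113.9", 80)
REQUEST = Packet("out", "tcp", HOST, WEB)
REPLY = Packet("in", "tcp", WEB, HOST)
UNSOLICITED = Packet("in", "tcp", OTHER, HOST)

def run_demo():
    empty = StatefulFilter()
    by_src = StatefulFilter([Rule("out", "tcp", 80, field="src")])
    by_dst = StatefulFilter([Rule("out", "tcp", 80)])
    return {"empty": empty.handle(REQUEST),
            "src_rule": by_src.handle(REQUEST),
            "dst_rule": [by_dst.handle(p) for p in (REQUEST, REPLY, UNSOLICITED)]}

if __name__ == "__main__":
    print(run_demo())
```

In this model a rule keyed on source port 80 never matches the browser's request, while the destination-port rule passes the request, admits the reply by state, and still drops an unrelated inbound packet.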

Paleo Pete
09-13-2000, 08:30 AM
Sorry, but I know absolutely nothing about CyberwallPlus...however...

You might want to take a look at Zone Alarm (http://www.zonelabs.com) which is what I use. It's free to single users, not difficult to configure, works very well, and is probably the most popular firewall out there. It might be worth your time to download it as a standby while you figure out Cyberwall. It also has a pretty good set of instructions, either on the website or in a tutorial, so it can be set up without lots of hassles. I think the website has a good FAQ page too, but don't remember for sure.

After using it you might even decide to forget about Cyberwall...I leave Zone Alarm set so it pops up a message when it blocks an access attempt, so I know when it happens, all I have to do is click OK. If you click the More Info button it takes you to a Zone Labs webpage with traceroute info on the IP address that was blocked.

Black Ice Defender works well too, but I don't have a link handy. It's not hard to configure either. It's not free though.

------------------
If you had everything...Where would you put it?

Computer Information Links (http://www.geocities.com/paleopete/)

shadowmonkx
09-13-2000, 09:21 AM
Pete,

I've tried both firewalls you mentioned, and I agree that they are "good," but they're only as good as what you pay for.

BID and ZA are both designed with the home user in mind; they are not *real* firewalls in the sense of the word.

CyberwallPLUS *IS* a real software firewall... a good sign of this is its hefty $1,000 price tag.

For me, again, the only problem is configuring the SOG -- it's VERY complex. :(

Hey, thanx for the info tho! :)

Take care,

-shadowmonkx

P.S.- NetworkICE is the developer of BID, so that's www.networkice.com (http://www.networkice.com) :)