Getting Started

Glossary

Address

A data field in a packet header that specifies either the sender or the intended 
receiver of the packet.  Note that computers can often see data packets that are 
not intended for them.

Administrator

The person responsible for handling computer configurations as well as 
support.

Allow/Block (packets)

The action to take on a packet.  Block means the packet is not sent/received.  
Allow means it is sent/received.

ARP

Address Resolution Protocol.

Authentication

The property of verifying that a person or system is who or what it claims to 
be. This can be achieved via Virtual Private Networks.

BO

Short for "Back Orifice", a trojan remote control program. This program is 
designed to illustrate the serious security breaches that are possible when 
using the Windows operating systems. It has been used to cause a lot of 
mischief and damage. BO’s default setup is to listen on UDP port 31337. 

BRKill

An attack program that exploits a security weakness in Microsoft’s TCP/IP 
implementation. Starting with the IP address and a good guess at a running TCP 
connection (particularly on IRC or using PPTP), the attack finds the 
TCP packet sequence numbers and then attempts to close the connection by 
spoofing a "disconnect" packet.

Broadcast (networks)

A message addressed to all computers on a specified subnetwork. 

Summary of Contents for FIREWALL 2.1-GETTING STARTED

Page 1: ...McAfee Firewall Getting Started Version 2 10 ...

Page 2: ...bScan WebShield WebSniffer WebStalker WebWall and ZAC 2000 are registered trademarks of Network Associates and or its affiliates in the US and or other countries All other registered and unregistered trademarks in this document are the sole property of their respective owners LICENSE AGREEMENT NOTICE TO ALL USERS CAREFULLY READ THE FOLLOWING LEGAL AGREEMENT AGREEMENT FOR THE LICENSE OF SPECIFIED S...

Page 3: ... the limitations or other requirements described herein Upon any termination or expiration of this Agreement you must destroy all copies of the Software and the Documentation You may terminate this Agreement at any point by destroying all copies of the Software and the Documentation 3 Updates For the time period specified in the applicable price list or product packaging for the Software you are e...

Page 4: ...e at McAfee s option either i return of the purchase price paid for the license if any or ii replacement of the defective media in which the Software is contained You must return the defective media to McAfee at your expense with a copy of your receipt This limited warranty is void if the defect has resulted from accident abuse or misapplication Any replacement media will be warranted for the rema...

Page 5: ...tion by the United States Government shall be governed solely by the terms of this Agreement and shall be prohibited except to the extent expressly permitted by the terms of this Agreement 9 Export Controls Neither the Software nor the Documentation and underlying information or technology may be downloaded or otherwise exported or re exported i into or to a national or resident of Cuba Iran Iraq ...

Page 6: ...eous This Agreement is governed by the laws of the United States and the State of California without reference to conflict of laws principles The application of the United Nations Convention of Contracts for the International Sale of Goods is expressly excluded This Agreement sets forth all rights for the user of the Software and is the entire agreement between the parties This Agreement supersede...

Page 7: ...es McAfee Firewall support 15 What protocols can McAfee Firewall filter 15 How can I still be harassed even with McAfee Firewall 16 Chapter 2 Installing McAfee Firewall 17 System requirements 17 About Winsock 2 17 Installing McAfee Firewall 17 Troubleshooting installation problems 18 Step 1 Clean up your hard drive 18 Step 2 Remove temporary files 19 Step 3 Close other software 19 Chapter 3 McAfee...

Page 8: ...5 Configuring Applications 26 Configuring System Settings 27 Configuration after Adding Removing Network Devices 28 Using Password Protection 28 Chapter 4 Glossary 31 Appendix A Product Support 41 How to Contact McAfee 41 Customer service 41 Technical support 42 McAfee training 43 Index 45 ...

Page 11: ... e if you allow sharing Stops floods and other attack packets from being received by the Operating System Blocks untrusted applications from communicating over the network Detects hidden programs trojans that can give remote access to your PC or reveal private information e g online banking information Provides detailed information about which sites you have contacted and the type of connection th...

Page 12: ...ss a network it blocks all traffic to and from that application Some network communications are needed to maintain network based services These are managed through user defined rules under the SYSTEM button feature of McAfee Firewall The default SYSTEM settings feature provides protection from hostile threats In addition during the installation process it will prompt you with some basic questions ...

Page 13: ... first time a Find Setup Wizard is displayed Follow the instructions on screen to setup the full text search option After setup is complete 1 In the text box type the first few letters of the word or phrase you are looking for You can also select matching words to narrow your search 2 Once you have located what you are looking for in the display topic box click the topic Frequently Asked Questions...

Page 14: ...what is on your system The data you send can be seen by more people than just the intended receiver Practically any system that is connected to any part of the network path used to relay your data packets can see what is sent Also it is hard to know with absolute certainty that you are talking to whom you think you are talking to What other protection do I need McAfee Firewall provides network lev...

Page 15: ...mmunicate this way A malicious program could communicate by other means however What network devices does McAfee Firewall support McAfee Firewall supports Ethernet and Ethernet like devices on Microsoft Windows 95 98 and NT 4 0 SP4 and SP5 This includes dial up connections most cable and ISDN modems and most Ethernet cards It does not support Token Ring FDDI ATM Frame Relay and other networks What...

Page 16: ...the connections to be broken Server side nuking This is when the nukes are sent to the IRC server not to your computer telling the server that you can no longer be reached To prevent this the IRC server needs a firewall Flood blocking a TCP connection If a flood of packets is sent to you from a higher speed connection McAfee Firewall or ConSeal PC FIREWALL can stop the packets but the flood takes ...

Page 17: ... to the Internet either a dial up account with an Internet Service Provider ISP or a constant connection through a network About Winsock 2 McAfee Firewall uses an API Application Programming Interface that is not supported by versions of Winsock prior to v2 0 McAfee Firewall checks for the presence of Winsock 2 during the installation procedure and will inform you if the system does not have it If...

Page 18: ...ajor causes of installation failure are Hard drive errors Temporary files that conflict with the installation Attempting to install while other software is running Follow the procedure outlined below to minimize the effect that these common conditions may have on your installation Step 1 Clean up your hard drive Run the Windows 95 hard drive utilities ScanDisk and Disk Defragmenter to identify and...

Page 19: ...e Windows Temp folder 1 Double click the My Computer icon on your desktop The My Computer window opens Double click the C drive You are now viewing the contents of your hard drive 2 Double click the Windows folder 3 In the Windows folder double click the Temp folder 4 In the menu click Edit then click Select All All of the items in your Temp folder are highlighted 5 Press the Delete key on your ke...

Page 20: ... Firewall 20 McAfee Firewall 3 Repeat steps 2 and 3 until you ve closed everything except Explorer 4 When you see only Explorer in the Close Program dialog box click Cancel You are now ready to install your new software ...

Page 21: ...icate to the specific URL you have indicated and then deletes the rule once all traffic is received or once you exit Netscape Additionally when trojans on your system try to communicate out from your PC McAfee Firewall will also prompt you whether you trust them or not and the decision to stop trojans is easy and instantaneous Applications Control applications McAfee Firewall monitors network traf...

Page 22: ... this and block it at any time just select the Settings Applications menu item There you can move applications into either the Trusted list or the Blocked list When you exit McAfee Firewall your settings are saved and will be the same the next time it is run Systems Control system The operating system performs many types of network communication without reporting directly to the user McAfee Firewa...

Page 23: ...network device or click once and choose Properties Figure 3 2 Dial Up Adapter 0000 Properties You can then choose to allow or block NetBIOS over TCP Identification ICMP ARP DHCP RIP PPTP and other protocols IP and non IP NOTE For more information refer to the McAfee Firewall online Help ...

Page 24: ...ions especially on IRC ARP Allowed ARP is a necessary Ethernet protocol and is not known to be a threat DHCP Allowed if your system uses DHCP The program looks in your system Registry to see if one of your network devices uses DHCP If so then DHCP is allowed for all devices If not then it is blocked for all devices If you have more than one network device and one uses DHCP you should check the DHC...

Page 25: ...assword is entered If the password has not been entered new networking applications will be blocked automatically Instructions for Administrators Configuring Network Display and Logging Controls Network Control This should usually be set to Filter Traffic If it is set to Block Everything the system will not be able to communicate over any network device If it is set to Allow Everything nothing wil...

Page 26: ... When selected all applications are freely allowed to communicate and malicious trojans may go unnoticed 3 Close the Application Settings dialog box choosing OK 4 Add applications you want to communicate to the Trusted Applications list by running the application You will be prompted to allow the application Choose Yes 5 Once you have run the applications you want to communicate review the Trusted...

Page 27: ...computers have just one or two network connections 2 Decide what network traffic should be allowed on each network segment 3 Select the Settings menu item and the System option on the popup menu 4 From the list of network devices determine which device is connected to which network segment you listed in Step 1 If you have one modem but see two Dial Up Adapter entries one of them may be a Microsoft...

Page 28: ... Settings page does not cancel these changes If in doubt review the settings later to confirm 3 Choose OK to close the System Settings dialog box Using Password Protection The following steps will help the Administrator protect the configuration Without using password protection the only way to make sure that setup has not been altered is to examine all settings By using password protection you wi...

Page 29: ...It is better to use a new password every time you make an important configuration change Every file you create with a password is valid in that McAfee Firewall will see that it matches the password you used for it Using a new password prevents someone from secretly replacing an older configuration file for a newer one Trojans such as BO and Netbus can log keyboard strokes Therefore they can log a p...

Page 32: ...us e g virus or private e g password There is also concern that one Web site can get a cookie created by another Web site It appears that cookies cannot be used to get other data from a user s hard drive e g applications used database address book personal files etc Cookies can also be used to track where a user has been within a Web site Netscape Navigator can be set to prompt you whether or not ...

Page 33: ...ernet connection Filter firewalls A tool used to intercept block all incoming and outgoing network traffic McAfee Firewall filters traffic finger A service that finds information about a user Firewall A service that controls the transfer of data between computers This includes the surrounding network The firewall is responsible for filtering all packets and often provides proxy services to protect...

Page 34: ...on ICQ An Internet service that helps people find each other and share information ICQ has been found to have security weaknesses Identification A service that provides user information to be used on another system so they can try to verify your identity If you block it other systems such as email servers may refuse you their services This service is also known as ident or auth inbound packet A pa...

Page 35: ...ming connection Local address or port Refers to your machine as opposed to a remote machine Log File A record kept to track activity The log file helps monitor what connections your computer has made and where unauthorized access may have originated Menu A list of commands that are available If a command is in gray it is not available Message Box A message window that appears briefly to provide in...

Page 36: ...mputer component that connects your computer to a network such as Ethernet or Internet News NNTP A service available through most ISPs where thousands of newsgroups discuss specific topics and users may post relevant articles Remember that anything you post will be archived permanently and can be retrieved at such website as www deja com Also if you post using your real email address you WILL rece...

Page 37: ... on your system look on your system for Dial Up Networking ping An ICMP based service used to verify the availability of computers on a network POP2 Post Office Protocol version 2 Used to transfer email POP3 Post Office Protocol version 3 Used to transfer email Port A number used by protocols such as TCP and UDP to identify a communication instance PPP Point to Point Protocol a low level protocol ...

Page 38: ... a UDP based protocol used to send routing information to systems on a network Service An application or function often considered part of the operating system SLIP Serial Line Internet Protocol a predecessor to PPP SMTP Simple Mail Transfer Protocol a popular email protocol SNMP Simple Network Management Protocol A protocol used to manage networks and routing SPX Sequenced Packet Exchange a conne...

Page 39: ... within another A Virtual Private Network VPN tunnels data by encrypting it and then encapsulating it within a protocol such as TCP better or UDP worse UDP A connectionless datagram Internet Protocol carried in IP packets Examples of services and applications that use UDP are ICQ DNS NetBIOS for broadcasts etc and RIP Virus software A piece of code that works without the knowledge of the recipient...

Page 40: ...access to a protected network Home or mobile workers can connect to the office and have the same secure link and can access office systems WINS Windows Internet Name Service a protocol similar to DNS Winsock A part of the Microsoft Windows operating systems that handles most network connections and some ICMP It does not handle file or print shares ...

Page 41: ...Version of system software Amount of memory RAM Extra cards boards or monitors Name and version of conflicting software EXACT error message as on screen What steps were performed prior to receiving error message A complete description of problem How to Contact McAfee Customer service To order products or obtain product information contact the McAfee Customer Service department at 972 308 9960 or w...

Page 42: ...have continued this tradition by making our site on the World Wide Web http www mcafee com a valuable resource for answers to technical support issues We encourage you to make this your first stop for answers to frequently asked questions for updates to McAfee software and for access to McAfee news and virus information Take advantage of the McAfee Product KnowledgeCenter your free online product ...

Page 43: ...ree support and 24 hours a day 7 days a week for Per Minute or Per Incident support McAfee training For information about scheduling on site training for any McAfee product call 800 338 8754 Disclaimer Time and telephone numbers are subject to change without prior notice Table A 1 30 Day Free Telephone Support 972 308 9960 Per Minute Telephone Support 1 900 225 5624 Per Incident Telephone Support ...

Page 45: ...27 Connection 32 Control applications 21 Control system 22 Cookies 32 D datagram 32 Default 32 Default settings for applications 22 DHCP 24 32 Dialog Box 32 Dial Up Adapter 23 DNS 32 E Email 33 Ephemeral port 33 Ethernet 33 F Fileshare 33 Filter firewalls 33 finger 33 Firewall 33 Flood blocking a TCP connection 16 FTP 33 G GRE 33 H Hacker 33 How is my PC at risk on the Internet 14 How McAfee Firew...

Page 46: ...NNTP 36 Normal TCP Connection 16 ntp 36 O Operating System 36 Outbound Data 15 outbound packet 36 P Packet 36 Packet Filter 36 Password 37 Password Protection 25 Phone Book 37 ping 37 POP2 37 POP3 37 PPP 37 PPPoE 37 PPTP 24 37 Printshare 37 Protocol 37 protocols 15 R RARP 38 RAS 38 Remote address or port 38 RIP 24 38 S Server side nuking 16 Service 38 SLIP 38 SMTP 38 SNMP 38 SPX 38 System activity...

Page 47: ...Index Getting Started 47 U UDP 39 Using Password Protection 28 V Virus software 39 VPN 39 W WINS 40 Winsock 40 Winsock 2 17 ...
