background image

Getting Started

35

Glossary

Internet Relay Chat.  A service that lets people on the Internet share a typed 
conversation.  Whatever a person typed is sent to other people in the "chat 
group".

The risk here is that people might become hostile and try to "nuke" you or send 
you unpleasant email.  Consider NetNanny to screen the messages that are 
sent in IRC.

ISDN

Integrated Services Digital Network

ISP

Internet Service Provider, the company that sells you access to the Internet.

Listening

 

TCP connections are made to a "listening" port that is ready to accept an 
incoming connection.

Local (address or port)

Refers to your machine, as opposed to a remote machine.

Log File

A record kept to track activity.  The log file helps monitor what connections 
your computer has made and where unauthorized access (may have) 
originated.

Menu

 

A list of commands that are available.  If a command is in gray, it is not 
available.

Message Box

A message window that appears briefly to provide information to the user.

Modem

A device that sends and receives data over a connection, most commonly over 
a telephone line, cable, ADSL or ISDN.

NetBEUI

 

NetBIOS Extended User Interface.  A local-area protocol that operates 
underneath the NetBIOS interface. McAfee Firewall does not currently filter 
NetBEUI.To allow it, you must allow all non-IP protocols.

NetBIOS

Содержание FIREWALL 2.1-GETTING STARTED

Страница 1: ...McAfee Firewall Getting Started Version 2 10 ...

Страница 2: ...bScan WebShield WebSniffer WebStalker WebWall and ZAC 2000 are registered trademarks of Network Associates and or its affiliates in the US and or other countries All other registered and unregistered trademarks in this document are the sole property of their respective owners LICENSE AGREEMENT NOTICE TO ALL USERS CAREFULLY READ THE FOLLOWING LEGAL AGREEMENT AGREEMENT FOR THE LICENSE OF SPECIFIED S...

Страница 3: ... the limitations or other requirements described herein Upon any termination or expiration of this Agreement you must destroy all copies of the Software and the Documentation You may terminate this Agreement at any point by destroying all copies of the Software and the Documentation 3 Updates For the time period specified in the applicable price list or product packaging for the Software you are e...

Страница 4: ...e at McAfee s option either i return of the purchase price paid for the license if any or ii replacement of the defective media in which the Software is contained You must return the defective media to McAfee at your expense with a copy of your receipt This limited warranty is void if the defect has resulted from accident abuse or misapplication Any replacement media will be warranted for the rema...

Страница 5: ...tion by the United States Government shall be governed solely by the terms of this Agreement and shall be prohibited except to the extent expressly permitted by the terms of this Agreement 9 Export Controls Neither the Software nor the Documentation and underlying information or technology may be downloaded or otherwise exported or re exported i into or to a national or resident of Cuba Iran Iraq ...

Страница 6: ...eous This Agreement is governed by the laws of the United States and the State of California without reference to conflict of laws principles The application of the United Nations Convention of Contracts for the International Sale of Goods is expressly excluded This Agreement sets forth all rights for the user of the Software and is the entire agreement between the parties This Agreement supersede...

Страница 7: ...es McAfee Firewall support 15 What protocols can McAfee Firewall filter 15 How can I still be harassed even with McAfee Firewall 16 Chapter 2 Installing McAfee Firewall 17 System requirements 17 About Winsock 2 17 Installing McAfee Firewall 17 Troubleshooting installation problems 18 Step 1 Clean up your hard drive 18 Step 2 Remove temporary files 19 Step 3 Close other software 19 Chapter 3 McAfee...

Страница 8: ...5 Configuring Applications 26 Configuring System Settings 27 Configuration after Adding Removing Network Devices 28 Using Password Protection 28 Chapter 4 Glossary 31 Appendix A Product Support 41 How to Contact McAfee 41 Customer service 41 Technical support 42 McAfee training 43 Index 45 ...

Страница 9: ...Getting Started ix Table of Contents ...

Страница 10: ...Table of Contents x McAfee Firewall ...

Страница 11: ... e if you allow sharing Stops floods and other attack packets from being received by the Operating System Blocks untrusted applications from communicating over the network Detects hidden programs trojans that can give remote access to your PC or reveal private information e g online banking information Provides detailed information about which sites you have contacted and the type of connection th...

Страница 12: ...ss a network it blocks all traffic to and from that application Some network communications are needed to maintain network based services These are managed through user defined rules under the SYSTEM button feature of McAfee Firewall The default SYSTEM settings feature provides protection from hostile threats In addition during the installation process it will prompt you with some basic questions ...

Страница 13: ... first time a Find Setup Wizard is displayed Follow the instructions on screen to setup the full text search option After setup is complete 1 In the text box type the first few letters of the word or phrase you are looking for You can also select matching words to narrow your search 2 Once you have located what you are looking for in the display topic box click the topic Frequently Asked Questions...

Страница 14: ...what is on your system The data you send can be seen by more people than just the intended receiver Practically any system that is connected to any part of the network path used to relay your data packets can see what is sent Also it is hard to know with absolute certainty that you are talking to whom you think you are talking to What other protection do I need McAfee Firewall provides network lev...

Страница 15: ...mmunicate this way A malicious program could communicate by other means however What network devices does McAfee Firewall support McAfee Firewall supports Ethernet and Ethernet like devices on Microsoft Windows 95 98 and NT 4 0 SP4 and SP5 This includes dial up connections most cable and ISDN modems and most Ethernet cards It does not support Token Ring FDDI ATM Frame Relay and other networks What...

Страница 16: ...the connections to be broken Server side nuking This is when the nukes are sent to the IRC server not to your computer telling the server that you can no longer be reached To prevent this the IRC server needs a firewall Flood blocking a TCP connection If a flood of packets is sent to you from a higher speed connection McAfee Firewall or ConSeal PC FIREWALL can stop the packets but the flood takes ...

Страница 17: ... to the Internet either a dial up account with an Internet Service Provider ISP or a constant connection through a network About Winsock 2 McAfee Firewall uses an API Application Programming Interface that is not supported by versions of Winsock prior to v2 0 McAfee Firewall checks for the presence of Winsock 2 during the installation procedure and will inform you if the system does not have it If...

Страница 18: ...ajor causes of installation failure are Hard drive errors Temporary files that conflict with the installation Attempting to install while other software is running Follow the procedure outlined below to minimize the affect that these common conditions may have on your installation Step 1 Clean up your hard drive Run the Windows 95 hard drive utilities ScanDisk and Disk Defragmenter to identify and...

Страница 19: ...e Windows Temp folder 1 Double click the My Computer icon on your desktop The My Computer window opens Double click the C drive You are now viewing the contents of your hard drive 2 Double click the Windows folder 3 In the Windows folder double click the Temp folder 4 In the menu click Edit then click Select All All of the items in your Temp folder are highlighted 5 Press the Delete key on your ke...

Страница 20: ... Firewall 20 McAfee Firewall 3 Repeat steps 2 and 3 until you ve closed everything except Explorer 4 When you see only Explorer in the Close Program dialog box click Cancel You are now ready to install your new software ...

Страница 21: ...icate to the specific URL you have indicated and then deletes the rule once all traffic is received or once you exit Netscape Additionally when trojans on your system try to communicate out from your PC McAfee Firewall will also prompt you whether you trust them or not and the decision to stop trojans is easy and instantaneous Applications Control applications McAfee Firewall monitors network traf...

Страница 22: ... this and block it at any time just select the Settings Applications menu item There you can move applications into either the Trusted list or the Blocked list When you exit McAfee Firewall your settings are saved and will be the same the next time it is run Systems Control system The operating system performs many types of network communication without reporting directly to the user McAfee Firewa...

Страница 23: ...network device or click once and choose Properties Figure 3 2 Dial Up Adapter 0000 Properties You can then choose to allow or block NetBIOS over TCP Identification ICMP ARP DHCP RIP PPTP and other protocols IP and non IP NOTE For more information refer to the McAfee Firewall online Help ...

Страница 24: ...ions especially on IRC ARP Allowed ARP is a necessary Ethernet protocol and is not known to be a threat DHCP Allowed if your system uses DHCP The program looks in your system Registry to see if one of your network devices uses DHCP If so then DHCP is allowed for all devices If not then it is blocked for all devices If you have more than one network device and one uses DHCP you should check the DHC...

Страница 25: ...assword is entered If the password has not been entered new networking applications will be blocked automatically Instructions for Administrators Configuring Network Display and Logging Controls Network Control This should usually be set to Filter Traffic If it is set to Block Everything the system will not be able to communicate over any network device If it is set to Allow Everything nothing wil...

Страница 26: ... When selected all applications are freely allowed to communicate and malicious trojans may go unnoticed 3 Close the Application Settings dialog box choosing OK 4 Add applications you want to communicate to the Trusted Applications list by running the application You will be prompted to allow the application Choose Yes 5 Once you have run the applications you want to communicate review the Trusted...

Страница 27: ...computers have just one or two network connections 2 Decide what network traffic should be allowed on each network segment 3 Select the Settings menu item and the System option on the popup menu 4 From the list of network devices determine which device is connected to which network segment you listed in Step 1 If you have one modem but see two Dial Up Adapter entries one of them may be a Microsoft...

Страница 28: ... Settings page does not cancel these changes If in doubt review the settings later to confirm 3 Choose OK to close the System Settings dialog box Using Password Protection The following steps will help the Administrator protect the configuration Without using password protection the only way to make sure that setup has not been altered is to examine all settings By using password protection you wi...

Страница 29: ...It is better to use a new password every time you make an important configuration change Every file you create with a password is valid in that McAfee Firewall will see that it matches the password you used for it Using a new password prevents someone from secretly replacing an older configuration file for a newer one Trojans such as BO and Netbus can log keyboard stokes Therefore they can log a p...

Страница 30: ...McAfee Firewall Configurations 30 McAfee Firewall ...

Страница 31: ...ims to be This can be achieved via Virtual Private Networks BO Short for Back Orifice a trojan remote control program This program is designed to illustrate the serious security breaches that are possible when using the Windows operating systems It has been used to cause a lot of mischief and damage BO s default setup is to listen on UDP port 31337 BRKill An attack program that exploits the securi...

Страница 32: ...us e g virus or private e g password There is also concern that one Web site can get a cookie created by another Web site It appears that cookies cannot be used to get other data from a user s hard drive e g applications used database address book personal files etc Cookies can also be used to track where a user has been within a Web site Netscape Navigator can be set to prompt you whether or not ...

Страница 33: ...ernet connection Filter firewalls A tool used to intercept block all incoming and outgoing network traffic McAfee Firewall filters traffic finger A service that finds information about a user Firewall A service that controls the transfer of data between computers This includes the surrounding network The firewall is responsible for filtering all packets and often provides proxy services to protect...

Страница 34: ...on ICQ An Internet service that helps people find each other and share information ICQ has been found to have security weaknesses Identification A service that provides user information to be used on another system so they can try to verify your identity If you block it other systems such as email servers may refuse you their services This service is also known as ident or auth inbound packet A pa...

Страница 35: ...ming connection Local address or port Refers to your machine as opposed to a remote machine Log File A record kept to track activity The log file helps monitor what connections your computer has made and where unauthorized access may have originated Menu A list of commands that are available If a command is in gray it is not available Message Box A message window that appears briefly to provide in...

Страница 36: ...mputer component that connects your computer to a network such as Ethernet or Internet News NNTP A service available through most ISPs where thousands of newsgroups discuss specific topics and users may post relevant articles Remember that anything you post will be archived permanently and can be retrieved at such website as www deja com Also if you post using your real email address you WILL rece...

Страница 37: ... on your system look on your system for Dial Up Networking ping An ICMP based service used to verify the availability of computers on a network POP2 Post Office Protocol version 2 Used to transfer email POP3 Post Office Protocol version 3 Used to transfer email Port A number used by protocols such as TCP and UDP to identify a communication instance PPP Point to Point Protocol a low level protocol ...

Страница 38: ... a UDP based protocol used to send routing information to systems on a network Service An application or function often considered part of the operating system SLIP Serial Line Internet Protocol a predecessor to PPP SMTP Simple Mail Transfer Protocol a popular email protocol SNMP Simple Network Management Protocol A protocol used to manage networks and routing SPX Sequenced Packet Exchange a conne...

Страница 39: ... within another A Virtual Private Network VPN tunnels data by encrypting it and then encapsulating it within a protocol such as TCP better or UDP worse UDP A connectionless datagram Internet Protocol carried in IP packets Examples of services and applications that use UDP are ICQ DNS NetBIOS for broadcasts etc and RIP Virus software A piece of code that works without the knowledge of the recipient...

Страница 40: ...access to a protected network Home or mobile workers can connect to the office and have the same secure link and can access office systems WINS Windows Internet Name Service a protocol similar to DNS Winsock A part of the Microsoft Windows operating systems that handles most network connections and some ICMP It does not handle file or print shares ...

Страница 41: ...Version of system software Amount of memory RAM Extra cards boards or monitors Name and version of conflicting software EXACT error message as on screen What steps were performed prior to receiving error message A complete description of problem How to Contact McAfee Customer service To order products or obtain product information contact the McAfee Customer Service department at 972 308 9960 or w...

Страница 42: ...have continued this tradition by making our site on the World Wide Web http www mcafee com a valuable resource for answers to technical support issues We encourage you to make this your first stop for answers to frequently asked questions for updates to McAfee software and for access to McAfee news and virus information Take advantage of the McAfee Product KnowledgeCenter your free online product ...

Страница 43: ...ree support and 24 hours a day 7 days a week for Per Minute or Per Incident support McAfee training For information about scheduling on site training for any McAfee product call 800 338 8754 Disclaimer Time and telephone numbers are subject to change without prior notice Table A 1 30 Day Free Telephone Support 972 308 9960 Per Minute Telephone Support 1 900 225 5624 Per Incident Telephone Support ...

Страница 44: ...Product Support 44 McAfee Firewall ...

Страница 45: ...27 Connection 32 Control applications 21 Control system 22 Cookies 32 D datagram 32 Default 32 Default settings for applications 22 DHCP 24 32 Dialog Box 32 Dial Up Adapter 23 DNS 32 E Email 33 Ephemeral port 33 Ethernet 33 F Fileshare 33 Filter firewalls 33 finger 33 Firewall 33 Flood blocking a TCP connection 16 FTP 33 G GRE 33 H Hacker 33 How is my PC at risk on the Internet 14 How McAfee Firew...

Страница 46: ...NNTP 36 Normal TCP Connection 16 ntp 36 O Operating System 36 Outbound Data 15 outbound packet 36 P Packet 36 Packet Filter 36 Password 37 Password Protection 25 Phone Book 37 ping 37 POP2 37 POP3 37 PPP 37 PPPoE 37 PPTP 24 37 Printshare 37 Protocol 37 protocols 15 R RARP 38 RAS 38 Remote address or port 38 RIP 24 38 S Server side nuking 16 Service 38 SLIP 38 SMTP 38 SNMP 38 SPX 38 System activity...

Страница 47: ...Index Getting Started 47 U UDP 39 Using Password Protection 28 V Virus software 39 VPN 39 W WINS 40 Winsock 40 Winsock 2 17 ...

Страница 48: ...Index 48 McAfee Firewall ...

Отзывы: