Symantec Norton Personal Firewall 2003, User Manual

Page 1: ...User s Guide ...

Page 2: ...ftware and its documentation for any purpose is hereby granted without fee provided that the above copyright notice appears in all copies and that both that copyright notice and this permission notice appear in supporting documentation Silicon Graphics makes no representations about the suitability of this software for any purpose It is provided as is without express or implied warranty Copyright ...

Page 3: ...the Software reverse engineer decompile disassemble modify translate make any attempt to discover the source code of the Software or create derivative works from the Software C use a previous version or copy of the Software after you have received a disk replacement set or an upgraded version Upon upgrading the Software all copies of the prior version must be destroyed D use a later version of the...

Page 4: ...14 and other relevant sections of the Code of Federal Regulations as applicable Symantec s computer software and computer software documentation are licensed to United States Government end users with only those rights as granted to all other end users according to the terms and conditions contained in this license agreement Manufacturer is Symantec Corporation 20330 Stevens Creek Blvd Cupertino C...

Page 5: ...on Personal Firewall 17 Chapter 3 Installing Norton Personal Firewall System requirements 19 Supported email clients 20 Supported instant messenger clients 21 Before installation 21 Prepare your computer 21 Install Norton Personal Firewall 22 If the opening screen does not appear 25 Register your software 25 After installation 28 Restart your computer 28 Use the Security Assistant 28 If you have N...

Page 6: ... Content options 46 About Email options 46 Password protect options 46 Reset options password 47 Temporarily disable Norton Personal Firewall 47 For more information 48 Look up glossary terms 48 Use online Help 48 Readme file and Release Notes 49 Use the User s Guide PDF 50 About Norton Personal Firewall on the Web 51 Explore online tutorials 51 Subscribe to the Symantec Security Response newslett...

Page 7: ...tempts How Norton Personal Firewall protects against network attacks 69 Norton Personal Firewall monitors communications 70 Intrusion Detection analyzes communications 70 Visual Tracking locates attackers 71 Customize firewall protection 72 Change the Security Level slider 72 Change individual security settings 73 Reset security settings to defaults 75 Customize firewall rules 75 How firewall rule...

Page 8: ...Blocking 97 Enable or disable Flash blocking 98 Use the Ad Trashcan 98 Use text strings to identify ads to block or permit 99 How to identify Ad Blocking strings 100 Add an Ad Blocking string 100 Modify or remove an Ad Blocking string 101 Chapter 10 Monitoring Norton Personal Firewall View the Status Settings window 104 View the Statistics window 104 Reset information in the Statistics window 105 ...

Page 9: ...ernet How information is transmitted over the Internet 118 About UDP 120 About ICMP 120 About IGMP 120 How Web information is located on the Internet 120 Requesting a page 121 Understanding URLs 121 How ports identify programs on servers 122 How computers are identified on the Internet 123 Appendix C Understanding Internet risks Risks from hackers 125 The process of a hacker attack 125 Risks from ...

Page 10: ...Contents 10 Glossary Service and support solutions Index CD Replacement Form ...

Page 11: ...u have not yet installed Norton Personal Firewall install it now If you have installed Norton Personal Firewall you can use its security tools to block the attack investigate the attacker and prevent this type of attack in the future To block and investigate an attack 1 Open Norton Personal Firewall See Stop Internet communication with Block Traffic on page 44 2 Click Block Traffic This immediatel...

Page 12: ...roblem you can install Norton Personal Firewall and perform the following activities Action Description Install Norton Personal Firewall Norton Personal Firewall can keep your computer safe from future attacks See Installing Norton Personal Firewall on page 19 Update your protection After installing run LiveUpdate to ensure that you have the most updated protection See Keeping current with LiveUpd...

Page 13: ... passwords that include uppercase and lowercase letters numbers and symbols Don t use the same password in multiple places 1 Don t run software if you don t trust the publisher and the source from which you received the software 1 Don t open email attachments unless you are expecting an attachment and you trust the sender 1 Be sensible about providing personal information Many sites ask for more i...

Page 14: ...Responding to emergencies Prevent future problems 14 ...

Page 15: ...racking Identifies the source of attacks and other Internet communication 1 Password protection Provides increased security for Norton Personal Firewall options 1 Block Traffic Lets you immediately stop other computers ability to communicate with your computer 1 Alert Assistant Helps you understand alerts and potential security issues 1 Log Viewer Improved version helps you see all of the actions ...

Page 16: ...lp keep your computer safe You can get fast access to all Norton Personal Firewall tools from the new Security Monitor Internet security can be a complicated topic to understand so Norton Personal Firewall now includes the Alert Assistant which helps you understand security issues suggests how you can resolve problems and advises you on avoiding future security problems ...

Page 17: ...he Internet Norton Personal Firewall includes features that prevent unauthorized access to your computer when you are on the Internet detect possible Internet attacks protect your personal information and block Internet advertisements to speed your Internet browsing Firewall Internet Home computer Norton Personal Firewall allows communicationsthat you initiate Norton Personal Firewall blocks acces...

Page 18: ...mpts on page 69 Privacy Control Privacy Control gives you several levels of control over the kind of information that users can send via the Web email and instant messenger programs You can also control how Privacy Control reacts when Web sites attempt to set and use cookies or learn about your browser See Protecting your privacy on page 89 Ad Blocking Ad Blocking speeds up your Web surfing by eli...

Page 19: ...ystem requirements To use Norton Personal Firewall your computer must have one of the following Windows operating systems installed 1 Windows 98 98SE 1 Windows Me 1 Windows 2000 Professional 1 Windows XP Professional or Windows XP Home Edition Windows 95 and NT the server editions of Windows 2000 XP and the Windows XP 64 bit edition are not supported ...

Page 20: ... Pentium processor or compatible at 150 MHz or higher 1 48 MB of RAM 64 MB recommended 1 25 MB of available hard disk space 1 Internet Explorer 5 01 or later 5 5 recommended 1 CD ROM or DVD ROM drive Windows 2000 Professional 1 Intel Pentium processor or compatible at 150 MHz or higher 1 48 MB of RAM 64 MB recommended 1 25 MB of available hard disk space 1 Internet Explorer 5 01 or later 5 5 recom...

Page 21: ...ll Norton Personal Firewall prepare your computer Prepare your computer See If you need to uninstall Norton Personal Firewall on page 34 If you have an older version of Norton Personal Firewall the new version prompts you to remove the older version If you have a recent version of Norton Personal Firewall you can transfer your existing settings to the new version of the program Quit all other Wind...

Page 22: ...mputer from the Internet 6 Click OK to close the settings window 7 Click OK to close the Network Tasks window Install Norton Personal Firewall Install Norton Personal Firewall from the Norton Personal Firewall CD Install a copy of Norton Personal Firewall on each computer that you want to protect To install Norton Personal Firewall 1 Insert the Norton Personal Firewall CD into the CD ROM drive See...

Page 23: ... Click Next 4 Read the License Agreement then click I accept the license agreement If you decline you cannot continue with the installation 5 Click Next 6 In the Run LiveUpdate after installation window select whether you want to run LiveUpdate after the installation is done ...

Page 24: ...to select a folder into which you want to install Norton Personal Firewall if it is other than the default location 9 Click Next See Register your software on page 25 10 Click Next to begin installing Norton Personal Firewall After Norton Personal Firewall is installed the Registration Wizard appears ...

Page 25: ...ktop double click My Computer 2 In the My Computer window double click the icon for your CD ROM drive 3 In the list of files double click Cdstart exe Register your software Use the Registration Wizard to register your software online If you skip online registration you can register your software later using the Product Registration option on the Help menu To register your software 1 In the first R...

Page 26: ...r your software 26 2 If you would like information from Symantec about Norton Personal Firewall select the method by which you want to receive that information then click Next 3 Type your name then click Next 4 Type your address then click Next ...

Page 27: ...by mail your computer must be connected to a printer that the Registration Wizard can use to print the registration form If you want to register using the Internet you must be connected to the Internet 7 Click Next 8 To get a copy of your registration information for future reference do one of the following 2 Write down the serial number 2 Click Print 9 Click Next 10 Select whether you want to use...

Page 28: ...e Installer Information dialog box click Yes Configuration of Norton Personal Firewall is not complete until you restart your computer Use the Security Assistant The Security Assistant helps you quickly configure your Norton Personal Firewall protection The Security Assistant is divided into four categories 1 Home Networking 1 Program Control 1 Privacy Control 1 Password Protection Set up Home Net...

Page 29: ...king Wizard click Next 4 Follow the on screen instructions to configure your network Set up Program Control See Scan for Internet enabled programs on page 77 Norton Personal Firewall can scan your computer for Internet enabled programs and create access rules for them When the scan is complete you can use the results to determine which programs should have access to the Internet and if desired adj...

Page 30: ...Installing Norton Personal Firewall After installation 30 To set up Program Control 1 In the Security Assistant Roadmap click Program Scan 2 In the Program Scan pane click Automatically scan programs ...

Page 31: ...ernet access rule or category of a program in the Internet Access or Category drop down lists select the setting that you want 6 Click Finish when you are done Set up Privacy Control See Identify privateinformation to protect on page 89 Using Privacy Control you can identify private information that should have extra protection Privacy Control can then prevent users from sending this information t...

Page 32: ...ive or six characters of the information that you want to block from being sent over nonsecure Internet connections By entering only partial information you ensure that untrustworthy people with physical access to your computer cannot steal entire credit card numbers and other information 6 Click OK Set up Password Protection See Use the Security Monitor on page 38 For maximum security you can req...

Page 33: ...stalled If you have Norton SystemWorks installed on your computer when you install Norton Personal Firewall the installer adds a Norton Personal Firewall tab to the Norton SystemWorks main window and a Norton SystemWorks tab to the Security Center To open Norton Personal Firewall from Norton SystemWorks 1 Open Norton SystemWorks 2 On the Norton Personal Firewall tab click Launch Norton Personal Fi...

Page 34: ...rt More Programs Norton Personal Firewall Uninstall Norton Personal Firewall 2 Click Next 3 In the Installer Information dialog box click Yes to restart your computer If you have no other Symantec products on your computer you should also uninstall LiveReg and LiveUpdate To uninstall LiveReg and LiveUpdate 1 Do one of the following 2 On the Windows taskbar click Start Settings Control Panel 2 On t...

Page 35: ...lled You do not have to start the program to be protected Access Norton Personal Firewall Launch Norton Personal Firewall to change protection settings or monitor its activities To access Norton Personal Firewall 4 Do one of the following 2 On the Windows taskbar click Start Programs Norton Personal Firewall Norton Personal Firewall ...

Page 36: ...e Windows taskbar at the bottom of your screen Click this icon to open a menu containing frequently used Norton Personal Firewall tools To use the Norton Personal Firewall system tray menu 1 In the system tray right click the Norton Personal Firewall icon 2 In the menu that appears select an item Items in the menu include Norton Personal Firewall Opens a Norton Personal Firewall window Hide View A...

Page 37: ...ewall protection features The default settings for Norton Personal Firewall provide a safe automatic and efficient way of protecting your computer If you want to change or customize your protection you can access all Norton Personal Firewall tools from the Status Settings window To change settings for individual features 1 Open Norton Personal Firewall 2 If you have chosen to view the Security Mon...

Page 38: ... Firewall tools into a compact window When you re online place the Security Monitor window in an unused part of your screen This lets you monitor your connection view information about security events and personalize your protection without requiring a lot of space on your screen When you start Norton Personal Firewall it launches the Security Center You can then switch to the Security Monitor To ...

Page 39: ... the alert is active Norton Personal Firewall helps you decide on an appropriate action by preselecting the recommended action if one exists Norton Personal Firewall cannot suggest recommended actions for all alerts Learn more with the Alert Assistant Each Norton Personal Firewall alert includes a link to the Alert Assistant The Alert Assistant includes customized information about each alert incl...

Page 40: ... adjust the Alerting Level 1 Open Norton Personal Firewall 2 In the Security Center click Alerting Level 3 Move the slider to choose an Alerting Level Alerting Level Information provided Alert Tracker messages Security Alerts Notifies you when Minimal Critical Internet events None Logged not displayed Program Control rules are created automatically Port scans occur Confidential information is bloc...

Page 41: ...t Tracker it attaches to either side of the screen on your primary monitor When a security event occurs Alert Tracker displays a message for a few seconds and then returns to the side of the screen If you miss an Alert Tracker message you can review a list of recent messages See Use the Ad Trashcan on page 98 Alert Tracker also contains the Ad Trashcan which is part of the Norton Personal Firewall...

Page 42: ...ttack Use Security Check to test your computer s vulnerability to security intrusions The Security Check link in Norton Personal Firewall connects you to the Symantec Web site where you can scan for vulnerabilities and get detailed information about Security Check scans w You must be connected to the Internet to check your computer s vulnerability To check your computer s vulnerability to attack 1...

Page 43: ... Firewall 1 Statistics 1 Log Viewer 1 AutoBlock To trace a connection attempt from Statistics 1 Open Norton Personal Firewall 2 In the Security Center click Statistics 3 Click Attacker Details Your browser opens the Visual Tracking Web page To trace a connection attempt from the Log Viewer 1 Open Norton Personal Firewall 2 In the Security Center click Statistics 3 Click View Logs 4 In the left col...

Page 44: ...ive Norton Personal Firewall stops all communication to and from your computer To the outside world it appears that your computer has completely disconnected from the Internet If you want to block all traffic into and out of your computer Block Traffic is more effective than simply using your Internet software to disconnect Most Internet programs can automatically connect without any input from th...

Page 45: ...ons let you control when Norton Personal Firewall runs protect program settings with a password and choose visual elements you want to display About LiveUpdate options See Keeping current with LiveUpdate on page 53 LiveUpdate options let you enable and disable Automatic LiveUpdate which automatically checks for Norton Personal Firewall updates when you are connected to the Internet For maximum sec...

Page 46: ...Blocking settings Ad Blocking settings let you specify individual ad banners or groups of ad images you want to block or allow on individual sites See Use text strings to identify ads to block or permit on page 99 About Email options Email options let you control how Norton Personal Firewall notifies you when it is scanning email messages for private information Password protect options You can pr...

Page 47: ...is case sensitive 4 In the New Password and Confirm New Password text boxes type a new password 5 Click OK 6 In the Remove Application window click Cancel 7 In the Norton Personal Firewall alert click Exit 8 In the Setup Canceled alert click OK Temporarily disable Norton Personal Firewall There may be times when you want to temporarily disable Norton Personal Firewall or one of its features For ex...

Page 48: ...e Base on the Symantec Web site Look up glossary terms Technical terms that are italicized in the User s Guide are defined in the glossary which is available in both the User s Guide PDF and Help In both locations clicking a glossary term takes you to its definition Use online Help Help is always available throughout Norton Personal Firewall Help buttons or links to more information provide inform...

Page 49: ...or dialog box Help 4 Do one of the following 2 Click the Tell Me More link if one is available 2 In the dialog box click Help Readme file and Release Notes The Readme file contains information about installation and compatibility issues The Release Notes contain technical tips and information about product changes that occurred after this guide went to press They are installed on your hard disk in...

Page 50: ...rewall CD in PDF format You must have Adobe Acrobat Reader installed on your computer to read the PDF To install Adobe Acrobat Reader 1 Insert the Norton Personal Firewall CD into the CD ROM drive 2 Click Browse CD 3 Double click the Manual folder 4 Double click the Acrobat folder 5 Double click ar500enu exe 6 Follow the on screen instructions to select a folder for Adobe Acrobat Reader and comple...

Page 51: ...ur virus protection and read the latest information about antivirus technology 2 Visit the Symantec Web site Takes you to the home page of the Symantec Web site from which you can get product information on every Symantec product You can always access the Symantec Web site through your Internet browser To access the Symantec Web site in your browser 4 Type the Symantec Web site address www symante...

Page 52: ...nse common viruses trends in virus workings virus outbreak warnings and special virus definition releases To subscribe to the Symantec Security Response newsletter 1 Point your browser to securityresponse symantec com 2 On the security response Web page scroll down to the reference area of the page then click Newsletter 3 On the security response newsletter Web page choose the language in which yo...

Page 53: ...you must have Administrator access rights to run LiveUpdate About program updates Program updates are minor improvements to your installed product These differ from product upgrades which are newer versions of entire products Program updates that have self installers to replace existing software code are called patches Patches are usually created to extend operating system or hardware compatibilit...

Page 54: ...emWorks receive virus definition service updates which provide access to the latest virus signatures and other technology from Symantec Norton Internet Security In addition to the virus definition service users of Norton Internet Security also receive protection updates to the Web filtering service the intrusion detection service and Spam Alert The Web filtering service updates provide the latest ...

Page 55: ...moval instructions and includes advice on keeping your computer safe You should always run LiveUpdate after you receive one of these alerts To request an update alert 1 From your Web browser navigate to securityresponse symantec com avcenter 2 On the Security Response Web page scroll to the bottom of the page then click Symantec security response Free subscription 3 On the security alert subscript...

Page 56: ...rve or Prodigy connect to the Internet first and then run LiveUpdate To obtain updates using LiveUpdate 1 Open your Symantec product 2 At the top of the window click LiveUpdate You might receive a warning that says that your subscription has expired Follow the on screen instructions to complete the subscription renewal 3 In the LiveUpdate window click Next to locate updates 4 If updates are availa...

Page 57: ...for updates 2 To have the option of cancelling the update select I want to press the start button to run LiveUpdate 2 To have any updates installed automatically whenever you start LiveUpdate select I want LiveUpdate to start automatically 6 Click OK Turn off Express mode Once you have set LiveUpdate to run in Express mode you can no longer access the LiveUpdate Configuration dialog box directly f...

Page 58: ...tart Norton Personal Firewall 2 At the top of the Norton Personal Firewall main window click Options w If you set a password for Options Norton Personal Firewall asks you for the password before you can continue 3 In the Norton Personal Firewall Options dialog box on the LiveUpdate tab check Enable Automatic LiveUpdate 4 If you want to be notified when updates are available check Notify me when No...

Page 59: ...date 1 Start Norton Personal Firewall 2 At the top of the Norton Personal Firewall main window click Options w If you set a password for Options Norton Personal Firewall asks you for the password before you can continue 3 In the Norton Personal Firewall Options dialog box click the LiveUpdate tab 4 In the LiveUpdate pane uncheck Enable Automatic LiveUpdate 5 Click OK ...

Page 60: ...Keeping current with LiveUpdate Run LiveUpdate automatically 60 ...

Page 61: ...s file sharing to exchange files with someone print to a shared printer or connect to the Internet using a modem or broadband connection your computer joins a network of other computers When you are part of a network your computer is vulnerable to attacks Norton Personal Firewall automatically monitors all new network connections to ensure that your computer is safe Normally your computer connects...

Page 62: ...ternet w Before enabling file and printer sharing on your local network ensure that each shared resource is protected by a secure password To learn more about securing shared resources consult the Help file on your Start menu To enable file and printer sharing 1 Open Norton Personal Firewall 2 In the Security Center double click Personal Firewall 3 In the Personal Firewall window on the Advanced t...

Page 63: ...nal Firewall 2 In the Security Center double click Personal Firewall 3 In the Personal Firewall window on the Home Networking tab click Wizard To open the Home Network Wizard from the Security Monitor 1 Open Norton Personal Firewall 2 In the Security Monitor on the Select a Task menu select Setup Home Networking To organize computers into zones with the Home Network Wizard 1 In the Home Network Wi...

Page 64: ... When you have finished adding computers click OK To remove computers from zones 1 Open Norton Personal Firewall 2 In the Security Center double click Personal Firewall 3 Select the computer that you want to remove 4 Click Remove 5 When you have finished removing computers click OK Identify computers to Norton Personal Firewall You must identify computers to Norton Personal Firewall to manually co...

Page 65: ...he Windows taskbar click Start Run 2 In the Run dialog box type cmd 3 Click OK 4 At the command prompt type ipconfig 5 Click OK 6 Record the IP address Specify an individual computer The computer name that you type can be an IP address a URL such as service symantec com or a Microsoft Network computer name such as Mojave You can find the names of computers on your local network in Network Neighbor...

Page 66: ...uters using a network address You can identify all of the computers on a single subnet by specifying an IP address and a subnet mask The IP address that you specify can be any address in the subnet that you are identifying To specify computers using a network address 1 In the Specify Computers dialog box click Using a network address 2 In the Network Address text box type the IP address of a compu...

Page 67: ...k from many outside attacks install Norton Personal Firewall on the gateway computer For maximum protection against Trojan horses or other problem programs that initiate outbound connections install Norton Personal Firewall on all computers that share the connection Control how outside users access your network Norton Personal Firewall can protect computers while still allowing outside users to ac...

Page 68: ...work Norton Personal Firewall works with the following Virtual Private Networks VPNs 1 Nortel 1 VPNRemote 1 PGP 1 SecureRemote With most VPNs when the VPN client is active you cannot see the Internet or other computers on your local network You can only see what is available through the VPN server to which you are connected ...

Page 69: ... protects against network attacks Norton Personal Firewall includes three tools that protect your computer from intrusion attempts malicious Web content and Trojan horses 1 Norton Personal Firewall Monitors all Internet communication and creates a shield that blocks or limits attempts to view information on your computer 1 Intrusion Detection Analyzes all incoming and outgoing information for data...

Page 70: ...or program vulnerability Norton Personal Firewall protects your computer against most common Internet attacks including the following Improper connection attempts Warns you of any connection attempts from other computers and attempts by programs on your computer to connect to other computers Trojan horses Notifies you when your computer encounters destructive programs that are disguised as somethi...

Page 71: ...ot be used to attack other users or be exploited by zombies If Norton Personal Firewall detects that your computer is sending information that is typical of an attack it immediately blocks the connection and warns you about the possible problem To reduce the number of warnings that you receive Norton Personal Firewall only monitors attacks that are targeted at ports that your computer uses If an a...

Page 72: ...the Security Level slider to select preset security levels or by changing individual security settings Change the Security Level slider The Security Level slider lets you select Minimal Medium or High security settings When you change the slider position the protection level changes Changing the Security Level slider does not affect the protection provided by Intrusion Detection To change the Secu...

Page 73: ...rewall blocks everything until you allow it If you have run a Program Scan you should not be interrupted frequently with Program Control alerts See Enable Automatic Program Control on page 76 You are alerted each time that an ActiveX control or Java applet is encountered Unused ports do not respond to connection attempts giving them a stealth appearance Medium recommended The firewall blocks every...

Page 74: ...ul programs when they use the same ports None Disables Norton Personal Firewall and allows all Internet communications High Blocks your browser from running any Java applets or ActiveX controls over the Internet This is the safest but most inconvenient option Some Web sites might not operate properly using this setting Medium Prompts you when Java applets and ActiveX controls are encountered This ...

Page 75: ...Default Level See Change the Security Level slider on page 72 This resets your security level to medium Use the Security Level slider to choose one of the other preset security levels Customize firewall rules Firewall rules control how Norton Personal Firewall protects your computer from malicious incoming traffic programs and Trojan horses The firewall automatically checks all data coming in or o...

Page 76: ...ec has identified as safe If an unknown program or an unknown version of a known program attempts to access the Internet Norton Personal Firewall warns the user The user can then choose to allow or block Internet access for the program See Keeping current with LiveUpdate on page 53 Symantec regularly updates the list of recognized programs You should run LiveUpdate regularly to ensure that your li...

Page 77: ...K Scan for Internet enabled programs Scanning for Internet enabled programs is the quickest way to configure the Personal Firewall Norton Personal Firewall scans the computer for programs that it recognizes and suggests appropriate settings for each program You can scan for Internet enabled programs from the Security Center or the Security Monitor To scan for Internet enabled programs from the Sec...

Page 78: ...he disk or disks on your computer that you want to scan 4 Click OK 5 In the Program Scan window do one of the following 2 Check programs that you want to add to the Program Control list 2 To add all Internet enabled programs at once click Check All 6 Click Finish Manually add a program to Program Control See Customize firewall protection on page 72 Users can add programs to Program Control to stri...

Page 79: ...changes override settings made by Automatic Program Control To change Program Control settings 1 Open Norton Personal Firewall 2 In the Security Center double click Personal Firewall 3 In the Personal Firewall window on the Program Control tab in the list of programs click the program that you want to change 4 Click Modify Automatically configure Internet access Recommended Use the default Norton ...

Page 80: ... Rule 1 Open Norton Personal Firewall 2 In the Security Center double click Personal Firewall 3 In the Personal Firewall window on the Advanced tab click General Rules 4 Follow the on screen instructions See Write a firewall rule on page 81 To add a Trojan Horse Rule 1 Open Norton Personal Firewall 2 In the Security Center double click Personal Firewall Automatically configure Internet access Use ...

Page 81: ... on screen instructions See Write a firewall rule on page 81 Write a firewall rule Norton Personal Firewall leads you through the process of writing your own firewall rules To write a firewall rule 1 In the General Rules Trojan Horse Rules or Program Rules window click Add 2 In the Add Rule window select the action that you want for this rule Your options are 3 Click Next Permit Internet Access Al...

Page 82: ...ies to all computers Only computers specified below The rule applies only to the computers sites and domains listed Adapters The rule applies to a specific network adapter in your computer This allows you to customize firewall rules for each of your computer s IP addresses For example if your computer is connected to a home network and to the Internet you might want to set up a rule that permits f...

Page 83: ...y are not functioning the way that you want All types of communications all ports The rule applies to communications using any port Only the types of communications or ports listed below The rule applies to the ports listed You can add ports to or remove ports from the list Do not track this rule No record of the actions of this rule is made Create an Event Log entry An entry is created in the fir...

Page 84: ...r of a firewall rule 1 In the General Rules Trojan Horse Rules or Program Rules window select the rule that you want to move 2 Do one of the following 2 To have Norton Personal Firewall process this rule before the rule above it click Move Up 2 To have Norton Personal Firewall process this rule after the rule below it click Move Down 3 When you are done moving rules click OK Temporarily disable a ...

Page 85: ...indows Explorer double click My Computer 3 Double click the hard disk on which you installed Norton Personal Firewall In most cases this will be drive C 4 Open Program Files Common Files Symantec Shared 5 Drag firewall rul to the Recycle Bin The firewall will return to its default settings the next time you run Norton Personal Firewall Customize Intrusion Detection The default Intrusion Detection ...

Page 86: ...1 Open Norton Personal Firewall 2 In the Security Center double click Intrusion Detection 3 In the Intrusion Detection window click Signatures 4 In the Signatures list select the attack signature that you want to exclude 5 Click Exclude 6 When you are done excluding signatures click OK If you have excluded attack signatures that you want to monitor again you can include them in the list of active ...

Page 87: ... attacking computer for 30 minutes To enable or disable AutoBlock 1 Open Norton Personal Firewall 2 In the Security Center double click Intrusion Detection 3 In the Intrusion Detection window check or uncheck Turn on AutoBlock Unblock computers If a computer that you need to access appears on the list of computers currently blocked by AutoBlock unblock it If you have changed your protection settin...

Page 88: ...twork identification or a range of IP addresses containing the computer that you want to exclude 5 When you are done excluding IP addresses click OK Restrict a blocked computer You can add a blocked computer to your Restricted Zone to permanently prevent that computer from accessing your computer Computers added to the Restricted Zone do not appear on the blocked list because Norton Personal Firew...

Page 89: ...intercept this information Computers include some basic security features but they might not be enough to protect your personal information Privacy Control helps protect your privacy by giving you several levels of control over cookies and other information that your browser sends to Web sites Privacy Control can ensure that users don t send private information such as credit card numbers over the...

Page 90: ...o protect to the Norton Personal Firewall Private Information list To add private information 1 Start Norton Personal Firewall 2 Do one of the following 2 In the Security Center double click Privacy Control then click Private Information 2 In the Security Monitor on the Select a Task menu click Edit Private Information 3 In the Private Information dialog box click Add 4 In the Add Private Informat...

Page 91: ... Privacy Level Use the slider in the main Privacy Control pane to select pre set security levels 1 Adjust individual Privacy Control settings Customize your protection by manually adjusting individual settings Set the Privacy Level Norton Personal Firewall offers pre set security levels that help you set several Privacy Control options at one time The Privacy Level slider lets you select minimal m...

Page 92: ...es using your browser information Change the Private Information setting Change the Private Information setting to control how Norton Personal Firewall handles attempts to send information on the Private Information list over the Internet To change the Private Information setting 1 Start Norton Personal Firewall 2 Double click Privacy Control 3 Click Custom Level High All personal information is b...

Page 93: ...tes can also use cookies to track your Internet usage and browsing habits Change the Cookie Blocking setting to control how Norton Personal Firewall handles sites that attempt to place cookies on your computer To change the Cookie Blocking setting 1 Start Norton Personal Firewall 2 Double click Privacy Control 3 Click Custom Level 4 Select the Cookie Blocking setting that you want You have three o...

Page 94: ...ck OK Disable or enable secure Web connections When you visit a secure Web site your browser sets up an encrypted connection with the Web site By default Norton Personal Firewall lets any account use secure connections If you want to ensure that users are not sending private information to secure Web sites you can disable secure Web connections w If you disable secure Web connections your browser ...

Page 95: ...ricks to open additional browser windows Ad Blocking helps avoid these problems When Ad Blocking is active Norton Personal Firewall transparently removes 1 Ad banners 1 Pop up and pop under ads 1 Macromedia Flash based ads How Ad Blocking works Norton Personal Firewall detects and blocks ads based on two criteria their dimensions and their locations Blocking by dimensions Most online advertisers u...

Page 96: ...at www ajax com sends the file to the browser which displays the image When Ad Blocking is enabled and you connect to a Web site Norton Personal Firewall scans Web pages and compares their contents to two lists See Keeping current with LiveUpdate on page 53 1 A default list of ads that Norton Personal Firewall blocks automatically Use LiveUpdate to keep the list of blocked ads current 1 A list tha...

Page 97: ...ar on top of the current window while pop unders appear behind the current window When Popup Window Blocking is active Norton Personal Firewall automatically blocks the programming code Web sites use to open secondary windows without your knowledge Sites that open secondary windows when you click a link or perform other actions are not affected To enable or disable Popup Window Blocking 1 Open Nor...

Page 98: ...ttings tab 4 In the list of Web sites do one of the following 2 To change Flash settings for all sites click Defaults 2 To change Flash settings for a site in the list click the site s name 2 To change Flash settings for a site not in the list click Add Site then in the New Site Domain dialog box type the site s address 5 In the Flash animation section select one of the following 2 Block 2 Permit ...

Page 99: ...e advertisement address is http www advertise org annoying ads numberone gif you could change it to http www advertise org annoying ads to block everything in the ads directory 8 Click OK Use text strings to identify ads to block or permit You can control whether Norton Personal Firewall displays specific ads by creating a list of text strings that identify individual ad banners Ad Blocking string...

Page 100: ...able A good compromise is to block only the directories that contain ads For example if www ajax com stores its ads in nifty_images and its navigational images in useful_images you could block www ajax com nifty_images without seriously impeding your ability to use the site You can also create permit strings that allow Web sites to display images that match the string This allows you to override t...

Page 101: ...emove it To modify or remove an Ad Blocking string 1 Open Norton Personal Firewall 2 At the top of the Security Center window click Options Internet Security 3 On the Web Content tab on the Ad Blocking tab do one of the following 2 To modify or remove a string in the Defaults list click Defaults 2 To modify or remove a site specific string click the site s name 4 In the HTML string list select the...

Page 102: ...Blocking Internet advertisements Use text strings to identify ads to block or permit 102 ...

Page 103: ...in the Status Settings window 1 Many denied accesses especially from a single IP address 1 Sequences of port numbers from the same IP address possibly indicating a port scan 1 Excessive network activity by unknown programs Status Settings window Basic information about which protection features are active Statistics window Recent information about firewall and content blocking activities Detailed ...

Page 104: ...wall 2 In the Security Center click Status Settings 3 To change any settings double click a protection feature View the Statistics window The Statistics window provides a snapshot of your computer s network activity since the last time you started Windows Use this information to identify ongoing attack attempts and review how your Privacy Control and Parental Control settings affect your protectio...

Page 105: ...tistics window click Clear Statistics Review detailed statistics Along with the overall statistics in the Statistics window Norton Personal Firewall maintains realtime network counters that track users Internet usage and any actions that Norton Personal Firewall takes The detailed statistics include the following information Network TCP and UDP bytes sent and received the number of open network co...

Page 106: ...n the Detailed Statistics window Users can view all detailed statistics at once or display only certain categories Web Graphics Banner Ads Blocked Estimated sizes of graphics that have been blocked and the time saved by not loading blocked graphics Firewall TCP Connections The number of blocked and permitted TCP connections Firewall UDP Datagrams The number of blocked and permitted UDP connections...

Page 107: ...and ActiveX controls blocked by Norton Personal Firewall Connections A history of all TCP IP network connections made with this computer including the date and time of the connection the address of the computer to which you connected the service or port number used the amount of information transferred and the total time the connection was active Firewall Communication intercepted by the firewall ...

Page 108: ...Center click Statistics View Logs 2 In the Security Monitor on the Select a Task menu click View Log Viewer 3 In the Log Viewer select the log that you want to review 4 When you are done click another log or click OK to close the Log Viewer Web History URLs visited by the computer providing a history of Web activity Alerts Any security alerts triggered by possible attacks on your computer Spam Det...

Page 109: ...include information about hundreds of connections This can make it difficult to identify specific activity or assess the impact of any changes that you make to Norton Personal Firewall settings Clear the logs to remove information about past connections This lets you see how settings changes affect your protection You can clear a single log or clear all logs at once To clear a single log 1 Open No...

Page 110: ...64 KB and 512 KB If you want to see information spanning a longer period increase the size of the log If you need to recover hard disk space reduce the size Changing the size of a log file clears all of the information in that log To change the size of a log 1 Open Norton Personal Firewall 2 In the Security Center main window click Statistics 3 In the Statistics window click View Logs 4 In the Log...

Page 111: ...ind updates patches online tutorials Knowledge Base articles and virus removal tools To explore the Symantec service and support Web site 1 Point your browser to www symantec com techsupp 2 On the service and support Web page click I am a home small business user 3 On the introduction Web page click the link for the information that you want If you cannot find what you are looking for using the li...

Page 112: ...n quotation marks to find articles that include this exact phrase 2 Use a plus sign in front of all of the search terms to retrieve documents containing all of the words For example Internet Security finds articles containing both words 2 For an exact match type the search words in uppercase letters 2 To search for multiple phrases enclose each phrase in quotation marks and use commas to separate ...

Page 113: ... information Norton Personal Firewall immediately deletes the email message Your email program will indicate that the message was sent but the recipient will not receive it Problem Solution It could be Cookie Blocking Many Web sites require that cookies be enabled on your computer to display correctly See Change the Cookie Blocking setting on page 93 It could be a firewall rule A firewall rule mig...

Page 114: ...uter over the Internet See Organize computers into network zones on page 62 To allow the use of your local network including file and printer sharing place the computers on your local network in the Trusted Zone Why can t I connect to the Internet via my cable modem If your network accesses the Internet via a cable connection you may need to make your computer s NetBIOS name visible While the NetB...

Page 115: ...k IP Address 4 In the Exclusions dialog box select the IP address your ISP uses for port scans Your ISP can provide this information 5 Click Exclude 6 Click OK How can a Web site get my browser information The Browser Privacy settings prevent your browser from sending browser information However some diagnostic sites on the Internet might report browser information even though the Browser Privacy ...

Page 116: ...Troubleshooting Norton Personal Firewall Troubleshoot Norton Personal Firewall problems 116 ...

Page 117: ...possible for any computer on the Internet to communicate with any other computer on the Internet The Internet is analogous to a system of roads and highways The superhighways of the Internet called the Internet backbone carry large amounts of information over long distances There are interchanges on the backbone called network access points NAPs and metropolitan area ...

Page 118: ... of the Internet has too much traffic or is damaged information is rerouted How information is transmitted over the Internet All information sent over the Internet is communicated using a protocol called TCP IP Because all of the computers on the Internet understand this protocol each one can communicate with every other computer on the Internet TCP and IP are separate parts of this protocol NAP M...

Page 119: ... from one router to another Routers look at the destination address and forward the packet to the next router IP does not guarantee the delivery of every packet On the destination computer TCP joins the packets into the complete communication TCP may have to reorder the packets if they are received out of order and it may have to reassemble fragmented packets TCP requests retransmission of missing...

Page 120: ... to establish memberships in multicast groups collections of computers that receive simultaneous messages from a single computer Typically IGMP is used to broadcast video and other multimedia over the Internet Your computer reports to a nearby router that it wants to receive messages addressed to a specific multicast group IGMP does not present a major security risk but Norton Personal Firewall al...

Page 121: ... all of the connections are dropped The process starts over for each page on the site though your browser does remember the site s IP address Some newer Web sites use HTTP 1 1 Hypertext Transfer Protocol version 1 1 to establish a single connection that can pass multiple files and stay open for multiple pages Understanding URLs A typical URL looks like this http www symantec com securitycheck inde...

Page 122: ...common Internet programs Ports are part of URLs but they are rarely seen The port number follows the host name and a colon For example http www symantec com 80 securitycheck index html Because the most used ports are standardized you rarely see port numbers For example Web browsers almost always use port 80 so they don t require that you type it unless you need to use a different port The terms se...

Page 123: ... name Program 20 ftp data FTP File Transfer Protocol data 21 ftp FTP File Transfer Protocol control 23 telnet Telnet terminal handler 25 smtp SMTP Simple Mail Transfer Protocol 53 domain DNS Domain Name Service lookup 79 finger Finger 80 http HTTP Hypertext Transfer Protocol 110 pop3 POP3 Post Office Protocol 3 113 auth Ident Authentication Service 119 nntp NNTP Network News Transfer Protocol 137 ...

Page 124: ...is an IP address that when processed using the subnet mask can indicate all of the IP addresses in a subnet A typical base IP address subnet pair looks like this In this example the range of IP addresses that the base IP address and subnet mask identify range from 10 0 0 1 to 10 0 0 255 The most common subnet mask used is 255 255 255 0 because it identifies a relatively small group of IP addresses...

Page 125: ...ir computer knowledge for illicit purposes Since hacker started out as a complimentary term some people use the word cracker for the derogatory form In this text hacker is used in its noncomplimentary form You might also hear other terms for hackers including script kiddies wannabes and packet monkeys These are all terms for hackers in training who use programs written by more advanced hackers to ...

Page 126: ...it s easy to find out the name and address of the owner as well as the name and phone number of the administrative and technical contacts While this information usually can t be used directly to attack a network or computer it can be used to gather more information If a hacker doesn t have a specific target in mind many tools are available for scanning the Internet and finding possible targets The...

Page 127: ...ter the next step is to gain as much control as possible The steps involved and the results obtained vary depending on the version of Windows that is running on the target computer On computers running Windows 95 98 Me once hackers have gained access to the computers there is no need for escalation They have full control of the computers Luckily these versions of Windows don t have many remote con...

Page 128: ...ent are popup menus and up to date stock quotes Both ActiveX and Java are supposed to be safe to run in your browser ActiveX uses a system of digital certificates that lets you decide if you want an ActiveX control to run Digital certificates appear as dialog boxes that ask if you want to install and run a control that appears when you are browsing the Web There are several problems with using dig...

Page 129: ...ealtime chat programs You may also want to restrict the use of file transfer programs This reduces the risk of introducing viruses worms zombies Trojan horses or other malicious code onto your computer or network Norton Personal Firewall lets you choose categories of programs that can access the Internet It keeps the list of programs up to date so your protection stays current as new programs are ...

Page 130: ...used for your current visit to the site If you frequent a site that remembers the stocks that you want to track for example it probably uses this kind of cookie Bad cookies In one of their malevolent forms cookies from one Web site might track your visits to a different Web site For example most of the ads that you see on Web sites do not come from the site that you are viewing but from sites that...

Page 131: ...s from Trojan horses and viruses With so many computers connected by networks and the Internet viruses can spread more rapidly than they could in the days when files were transferred from computer to computer on disks Additionally the risk has broadened from viruses to Trojan horses worms and zombies A virus is a program or code that replicates by attaching itself to another program a boot sector ...

Page 132: ...l be attacked The chance of an attacker singling out your computer from all of those on the Internet is slim However the use of port scanning and other computer discovery tools by hackers means that your computer may be scanned relatively frequently for vulnerabilities The more vulnerabilities that are found the more inviting your computer is to hackers The tools that hackers use to find targets c...

Page 133: ... that contains an ActiveX control it is dynamically downloaded and saved to your hard disk Unlike Java applets ActiveX controls don t run in a restricted environment and have the potential to take control of your computer alert A dialog box that appears in a graphical user interface GUI to signal that an error has occurred or to provide a warning banner ad An advertising graphic often animated tha...

Page 134: ...ocol that automatically assigns a temporary IP address to each device on a network DNS Domain Name System A hierarchical naming system that translates domain names such as www symantec com into IP addresses such as 206 204 212 71 DNS server Domain Name System server A computer that keeps a database of domain names and their corresponding IP addresses When a computer sends a domain name to a DNS se...

Page 135: ...hen it is found fragment An IP packet that has been split into two or more parts or fragments When the size of an IP packet exceeds the maximum frame size of a network that it crosses the packet must be divided into smaller packets or fragments hacker A person who attempts unauthorized access of other people s computers for the purpose of obtaining information from or doing damage to those compute...

Page 136: ... scripting language that is similar to but less capable than Java JavaScript code can be included in Web pages to add interactivity and other functionality local A term that refers to your computer as opposed to a remote computer log A record of actions and events that take place on a computer or handheld device modem A device that modulates converts to analog and demodulates converts from analog ...

Page 137: ...mits files by breaking them into packets and routing each packet along the best available route between the source and destination computers password A character sequence entered by users to verify their identities to a network or program The most secure passwords are difficult to guess or find in a dictionary and contain a combination of capital letters lowercase letters numbers and symbols POP3 ...

Page 138: ... network that links computers or interconnected networks A router receives packets and forwards them to their destination via the best available route server The control computer on a local area network that controls software access to workstations printers and other parts of the network service Protocols that let one computer access a type of data stored on another computer Many host computers th...

Page 139: ...nada or uk for United Kingdom Trojan horse A destructive program that is often designed to cause damage to a computer while disguised as something useful or interesting URL Uniform Resource Locator The global address of documents and other resources on the World Wide Web and the convention that Web browsers use to locate files and other remote services Web page A single document on the World Wide ...

Page 140: ...Glossary 140 ...

Page 141: ...ion check the appropriate Web site listed in the sections that follow If you received this product when you purchased your computer your computer manufacturer may be responsible for providing your support Customer service The Service Support Web site at http service symantec com tells you how to 1 Subscribe to Symantec newsletters 1 Locate resellers and consultants in your area 1 Replace defective...

Page 142: ...ct at the Service Support Web site You ll be led through the online options first and then to the telephone contact options Support for old and discontinued versions When Symantec announces that a product will no longer be marketed or sold telephone support is discontinued 60 days later Technical information may still be available through the Service Support Web site at http service symantec com S...

Page 143: ...such change without prior notice July 25 2002 North America Symantec Corporation 555 International Way Springfield OR 97477 U S A http www symantec com Australia and New Zealand Symantec Australia Level 2 1 Julius Avenue North Ryde NSW 2113 Sydney Australia http www symantec com region reg_ap 61 2 8879 1000 Fax 61 2 8879 1001 Europe Middle East and Africa Symantec Customer Service Center P O Box 5...

Page 144: ...Service and support solutions 144 ...

Page 145: ...tisements blocking 95 101 113 Alert Assistant 39 Alert Tracker 41 42 accessing 36 Alerting Level adjusting 40 alerts adjusting the Alerting Level 40 Alert Assistant 39 new network connection 61 overview 39 AOL 56 attack signatures 70 excluding 85 attacks 69 87 125 128 132 network 70 signatures 70 tracing 43 44 tracing from AutoBlock 43 tracing from Log Viewer 43 tracing from Statistics 43 AutoBloc...

Page 146: ... recovery procedures 11 13 Norton Personal Firewall 11 enabling Ad Blocking 96 Flash blocking 98 Popup Window Blocking 97 encryption 94 Event Log See Log Viewer F file sharing 62 firewall rules processing order 75 76 removing 84 for Web servers 67 firewall See Norton Personal Firewall firewalls using LiveUpdate 55 Windows XP 21 Flash blocking enabling and disabling 98 G glossary 48 133 H hackers 1...

Page 147: ...orton Personal Firewall 103 110 refreshing 109 viewing 108 N NetBIOS making name visible 114 networks troubleshooting 114 using LiveUpdate 55 new features Norton Personal Firewall 15 newsletters 52 Norton Personal Firewall about 70 accessing 37 Block Traffic 44 checking Status Settings 104 customizing 75 disabling 47 Email options 46 emergency recovery procedures 11 Firewall options 45 General opt...

Page 148: ... to Program Control 78 manually configuring Internet access 80 proxy servers 67 R Readme file 49 registering your software 27 removing Norton Personal Firewall 34 previous copies of Norton Personal Firewall 21 required computer configuration 19 risks from active content 128 from Trojan horses 131 from viruses 131 from zombie programs 71 from hackers 125 128 from inappropriate content 129 to privac...

Page 149: ...rmation 115 cable modem connections 114 Cookie Blocking 113 firewall rules 113 networks 114 Norton Personal Firewall 112 115 printing 114 Web sites 112 113 tutorials 51 U UDP User Datagram Protocol 119 Uniform Resource Locator URL 65 121 124 uninstalling Norton Personal Firewall 34 previous copies of Norton Personal Firewall 21 updating from Symantec Web site 56 virus protection 56 URL Uniform Res...

Page 150: ...Index 150 Z zombie programs 71 132 zones 62 64 adding computers to 63 Restricted 88 Trusted 71 ...

Page 151: ...___ Signature ___________________________________ U S Dollars Payment must be made in U S dollars drawn on a U S bank MAIL YOUR CD REPLACEMENT ORDER TO Symantec Corporation Attention Order Processing 555 International Way Springfield OR 97477 800 441 7234 Please allow 2 3 weeks for delivery within the U S Symantec and Norton Personal Firewall are trademarks of Symantec Corporation Other brands and...