Your Personal Firewall Can Either Help or Hinder You

One of the key elements in a layered defense strategy is a personal firewall on each computer. You need to protect each computer on your LAN from hostile Internet traffic, and sometimes, from hostile traffic coming from other computers on your LAN.

Unfortunately, if you don’t set up your personal firewall properly, you can have problems.

A misconfigured or misbehaving personal firewall on one or more computers on your LAN can block access to the server that you need to reach, whether that server is local (on your LAN) or remote (on the Internet). If your problems remain even after you configure your personal firewall, then you will need to try deactivating it, or uninstalling it.

Deactivating a firewall isn’t always an effective solution. Many personal firewalls do not react well to being deactivated – you have to either configure them properly, or uninstall them. Uninstallation, depending upon the brand, may require intensive work, and may involve more than running a simple script from Control Panel or All Programs – (Name Of Firewall Product).

Once you deactivate or uninstall the firewall, you are unprotected. If you must deactivate or uninstall your firewall, only do this temporarily. If you’re connected directly to the Internet (which is simply not a recommended setup, even with a personal firewall on the computer), disconnect from the Internet BEFORE doing this. After you get things working, reinstall, reactivate, and configure a firewall on each computer before reconnecting.

Configuring a personal firewall, to enable access to the desired services, may involve changing one or more settings. Please spend some time reading the documentation for the firewall in question. After reading the documentation, check the appropriate settings. For Windows Firewall, see Windows Firewall and Windows Networking.

  • Select the appropriate Protection (“paranoia”) level.
  • Make sure that exceptions are permitted.
  • Select a preset exception or rule.
  • Configure the Trusted Zone. Be sure that the router, and the DNS server (if separate) are both trusted.
  • Open the appropriate ports.

Please don’t make the mistake of running two or more personal firewalls. Running more than one firewall will not add protection; it will just cause confusion and system malfunctions. If you’re going to run a third party firewall, you must choose one and only one. Make sure that you’re aware of all software products on your computer that could act as a personal firewall.

  • Do you have an antivirus product (and if not, get one immediately!)? Some antivirus products come bundled with personal firewalls. F-Secure Internet Security, McAfee Internet Security Suite, and Norton Internet Security, for example, each contain both antivirus and personal firewalls (F-Secure Personal Firewall, McAfee Personal Firewall and Norton Personal Firewall, respectively).
  • Even if your antivirus is NOT part of a bundle, it may have a component that acts like a firewall. Some antitrojan, antivirus, and antiworm products can install components that cause these problems. As every security package struggles to keep up with the bad guys, and with competing products, features are constantly being added. Examine any antitrojan / antivirus / antiworm product with suspicion, when researching any otherwise unexplained network problem.
    • Read the manual / owners guide for your security product.
    • Google / Yahoo for your security product name / version. See if there are any reported similar problems.
  • Server Message Blocks, or SMBs, are the lifeblood of Windows Networking. Make sure that all firewalls are set up to pass SMBs properly – whether you’re using SMBs directly hosted on IP, or SMBs hosted on NetBIOS Over TCP.
  • Do you have a VPN endpoint on the computer? Many VPN endpoints are bundled with personal firewalls.
  • What network card do you have? Does it have an nVidia chipset? The nVidia nForce is probably the first, but surely not the last, device of this type.
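
For the SMB item in the list above, a client-side check can show whether the two SMB transports are answered, refused, or silently dropped on the way to the server. This Python sketch is an added example, not part of the original article; the ports (TCP 445 for SMB directly hosted on IP, TCP 139 for the NetBIOS Over TCP session service) are the standard assignments, and the function names and hint texts are chosen here for illustration.

```python
import socket
import sys

# TCP ports for the two SMB transports: direct hosting uses 445,
# NetBIOS Over TCP uses 139 for the session service.
SMB_TCP_PORTS = {445: "SMB directly hosted on IP", 139: "SMB over NetBT"}

HINTS = {
    "reachable": "At least one SMB transport connects; look beyond the firewall.",
    "dropped": "No reply on any SMB port: a firewall on the client or the "
               "server is probably discarding the traffic silently.",
    "refused": "The server answers but refuses: file sharing is not "
               "listening, or a firewall is configured to reject.",
    "inconclusive": "Mixed or failed results; check name resolution and routing.",
}

def probe(host, port, timeout=3.0):
    """Attempt one TCP connection and classify the outcome."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"        # handshake completed
    except ConnectionRefusedError:
        return "closed"          # host replied with a reset
    except socket.timeout:
        return "filtered"        # nothing came back before the timeout
    except OSError:
        return "error"           # DNS failure, unreachable network, etc.

def summarize(states):
    """Map {port: state} onto one of the HINTS keys."""
    seen = set(states.values())
    if "open" in seen:
        return "reachable"
    if seen == {"filtered"}:
        return "dropped"
    if seen == {"closed"}:
        return "refused"
    return "inconclusive"

def check_smb(host, ports=SMB_TCP_PORTS, timeout=3.0):
    """Probe every port in `ports` and return (states, verdict)."""
    states = {port: probe(host, port, timeout) for port in ports}
    return states, summarize(states)

if __name__ == "__main__":
    states, verdict = check_smb(sys.argv[1])
    for port, state in states.items():
        print(f"{port:>4} {SMB_TCP_PORTS[port]:<28} {state}")
    print(HINTS[verdict])
```

Run it from the computer that cannot connect, passing the name or address of your own file server as the only argument. A verdict that changes after a firewall setting is adjusted points to that firewall's configuration.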

Don’t get surprised, and waste a lot of time looking for a solution that may be right under your nose – check for a bundled firewall first.

If you’re going to run a third party firewall, you must disable Windows Firewall, but only from the appropriate Control Panel applet – do not make the mistake of stopping the Windows Firewall service. Stopping the Windows Firewall service breaks several network services.

Disable Windows Firewall from either the Security Center applet or the Windows Firewall applet. Go to Settings – Control Panel, then either:

  • Security Center, and select Firewall Off.
  • Windows Firewall, and select Off.

Please leave the Windows Firewall / Internet Connection Sharing (ICS) service Started and Automatic, at all times. See Microsoft Threats and Countermeasures Guide: Chapter 7 for more information. Also, see When you disable the Windows Firewall service… for a problem acknowledged by Microsoft with a Hotfix.

On the other hand, if you decide to uninstall your newly discovered third party firewall, please read and observe precautions.

