Norton™ Personal Firewall User’s Guide The software described in this book is furnished under a license agreement and may be used only in accordance with the terms of the agreement. Documentation version 6.0 PN: 10025076 Copyright Notice Copyright • 2002 Symantec Corporation. All Rights Reserved. Any technical documentation that is made available by Symantec Corporation is the copyrighted work of Symantec Corporation and is owned by Symantec Corporation.
Page 3
SYMANTEC LICENSE AND WARRANTY IMPORTANT: PLEASE READ THE TERMS AND CONDITIONS OF THIS LICENSE AGREEMENT CAREFULLY BEFORE USING THE SOFTWARE. SYMANTEC CORPORATION AND/OR ITS SUBSIDIARIES (“SYMANTEC”) IS WILLING TO LICENSE THE SOFTWARE TO YOU AS THE INDIVIDUAL, THE COMPANY, OR THE LEGAL ENTITY THAT WILL BE UTILIZING THE SOFTWARE (REFERENCED BELOW AS “YOU”...
Page 4
PROPERTY RIGHTS. THIS WARRANTY GIVES YOU SPECIFIC LEGAL RIGHTS. YOU MAY HAVE OTHER RIGHTS, WHICH VARY FROM STATE TO STATE AND COUNTRY TO COUNTRY. 5. DISCLAIMER OF DAMAGES: SOME STATES AND COUNTRIES, INCLUDING MEMBER COUNTRIES OF THE EUROPEAN ECONOMIC AREA, DO NOT ALLOW THE LIMITATION OR EXCLUSION OF LIABILITY FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES SO THE BELOW LIMITATION OR EXCLUSION...
Recover from an emergency ... 12 Prevent future problems ... 13 Chapter 2 About Norton Personal Firewall What’s new in Norton Personal Firewall 2003 ... 15 Norton Personal Firewall features ... 16 About Norton Personal Firewall ... 17 Chapter 3 Installing Norton Personal Firewall System requirements ...
Page 6
Contents Chapter 4 Norton Personal Firewall basics Access Norton Personal Firewall ... 35 Access Norton Personal Firewall from the system tray ... 36 Work with Norton Personal Firewall ... 37 Access Norton Personal Firewall protection features ... 37 Use the Security Monitor ... 38 Respond to Norton Personal Firewall alerts ...
Page 7
Controlling access to protected computers Control how people use your computer ... 61 Connect to a network ... 61 Enable file and printer sharing ... 62 Organize computers into network zones ... 62 Identify computers to Norton Personal Firewall ... 64 Control how users access the Internet ...
Page 8
Contents Chapter 8 Protecting your privacy Identify private information to protect ... 89 Privacy Control and SSL ... 90 Add private information ... 90 Modify or remove private information ... 91 Customize Privacy Control ... 91 Set the Privacy Level ... 91 Adjust individual Privacy Control settings ...
Page 9
Appendix A Troubleshooting Norton Personal Firewall Troubleshoot Norton Personal Firewall problems ... 112 What is wrong with this Web site? ... 112 Why can’t I post information online? ... 113 Why did an email message I sent never arrive? ... 113 Why doesn’t Norton Personal Firewall notify me before Why can’t I print to a shared computer or connect to a Why can’t I connect to the Internet via my cable...
Page 10
Contents Glossary Service and support solutions Index CD Replacement Form...
Responding to emergencies If you have an emergency, these procedures can help you find the solution to your problem. If you think your computer is under attack If your computer is behaving unpredictably, and you have determined that the behavior is not due to a virus or a corrupted file, you may be the victim of an Internet attack.
Responding to emergencies Recover from an emergency Use Visual Tracking to identify the IP address of the computer that the “Identify the source of attacker used. communications” You can use this information to report the attack to the ISP that owns on page 43.
Prevent future problems Norton Personal Firewall can protect your computer against most Internet attacks. To prepare your computer for emergencies: Stay informed about security risks by visiting the Symantec Security Response Keep your versions to fix vulnerabilities in their browsers. passwords passwords that include uppercase and lowercase letters, numbers, and symbols.
Page 14
Responding to emergencies Prevent future problems...
Personal Firewall Norton Personal Firewall protects computers from Internet attacks, guards your privacy, and speeds Web surfing by eliminating ads. What’s new in Norton Personal Firewall 2003 Norton Personal Firewall 2003 now includes: Security Monitor Gives you fast access to the most-used Norton Personal Firewall tools...
About Norton Personal Firewall Norton Personal Firewall features Norton Personal Firewall features Norton Personal Firewall includes a number of security tools that help keep your computer safe. You can get fast access to all Norton Personal Firewall tools from the new Security Monitor. Internet security can be a complicated topic to understand, so Norton Personal Firewall now includes the Alert Assistant, which helps you understand security issues, suggests how you can resolve problems, and...
About Norton Personal Firewall Norton Personal Firewall provides a barrier between your computer and the Internet. A firewall prevents unauthorized users from accessing private computers and networks connected to the Internet. Internet Norton Personal Firewall blocks access attempts from the Internet Norton Personal Firewall includes features that prevent unauthorized access to your computer when you are on the Internet, detect possible...
Page 18
About Norton Personal Firewall Norton Personal Firewall features Norton Personal Firewall features include: Intrusion Detection Intrusion Detection helps keep your computer safe from Privacy Control Ad Blocking Internet attacks by scanning each piece of information that enters and exits your computer. If it identifies a potential attack, Intrusion Detection alerts you and automatically blocks the connection that contained the attack.
Installing Norton Personal Firewall Before installing Norton Personal Firewall, take a moment to review the system requirements listed in this chapter. System requirements To use Norton Personal Firewall, your computer must have one of the following Windows operating systems installed: Windows 98, 98SE Windows Me Windows 2000 Professional...
Installing Norton Personal Firewall System requirements Your computer must also meet the following minimum requirements. Operating System Windows 98/ 98SE/Me Windows 2000 Professional Windows XP Professional or Home Edition Supported email clients Norton Personal Firewall can scan email messages for private information in any POP3-compatible email client, including: Microsoft Microsoft Outlook 97/98/2000/XP...
Email scanning does not support the following email clients: IMAP clients AOL clients POP3s that use SSL (Secure Sockets Layer) Web-based email such as Hotmail and Yahoo! Lotus Notes mail Supported instant messenger clients Norton Personal Firewall can scan for private information in the following instant messengers: AOL Instant Messenger, version 4.3 or later MSN Instant Messenger, version 3.6 or later...
Installing Norton Personal Firewall Install Norton Personal Firewall To disable the Windows XP firewall On the Windows XP taskbar, click Start > Control Panel > Network Connections. If you have created more than one modem or network connection, select the active connection. Click Network Tasks.
Page 23
Click Next. Read the License Agreement, then click I accept the license agreement. If you decline, you cannot continue with the installation. Click Next. In the Run LiveUpdate after installation window, select whether you want to run LiveUpdate after the installation is done. Installing Norton Personal Firewall Install Norton Personal Firewall...
Page 24
Installing Norton Personal Firewall Install Norton Personal Firewall Click Next. Click Browse to select a folder into which you want to install Norton Personal Firewall, if it is other than the default location. Click Next. Click Next to begin installing Norton Personal Firewall. “Register your software”...
Read the readme text, then click Next. Click Finish to complete the installation. If the opening screen does not appear Sometimes a computer’s CD-ROM drive does not automatically run a CD. To start the installation from the Norton Personal Firewall CD On your desktop, double-click My Computer.
Page 26
Installing Norton Personal Firewall Register your software If you would like information from Symantec about Norton Personal Firewall, select the method by which you want to receive that information, then click Next. Type your name, then click Next. Type your address, then click Next.
Page 27
Internet or by mail. If you want to register by mail, your computer must be connected to a printer that the Registration Wizard can use to print the registration form. If you want to register using the Internet, you must be connected to the Internet.
Installing Norton Personal Firewall After installation After installation After Norton Personal Firewall is installed, a prompt appears giving you the option to restart your computer immediately. After restarting, the Security Assistant appears to guide you through the configuration of Norton Personal Firewall. Restart your computer After installation, a prompt appears telling you that you must restart your computer for the updates to take effect.
Page 29
To set up Home Networking In the Security Assistant Roadmap, click Home Networking. In the Home Networking pane, click Set up Home Networking. In the Home Networking Wizard, click Next. Follow the on-screen instructions to configure your network. Set up Program Control Norton Personal Firewall can scan your computer for Internet-enabled “Scan for Internet-enabled...
Page 30
Installing Norton Personal Firewall After installation To set up Program Control In the Security Assistant Roadmap, click Program Scan. In the Program Scan pane, click Automatically scan programs.
Page 31
In the Program Scan window, click Next to begin the scan. When the scan is complete, all Internet-enabled programs that were found are listed. To allow Internet access for a program, check the check box to the left of the program’s name. To change the Internet access rule or category of a program, in the Internet Access or Category drop-down lists, select the setting that you want.
Page 32
Installing Norton Personal Firewall After installation To set up Privacy Control In the Security Assistant Roadmap, click Privacy Control. In the Privacy Control pane, click Add private information to protect. In the Add Private Information dialog box, under Type of information to protect, select a category.
To protect Norton Personal Firewall options with a password In the Security Assistant Roadmap, click Password Protection. In the Password Protection pane, click Turn on password protection. In the Password and Confirm Password text boxes, type a password. Click OK. If you have Norton SystemWorks installed If you have Norton SystemWorks installed on your computer when you install Norton Personal Firewall, the installer adds a Norton Personal...
Installing Norton Personal Firewall If you need to uninstall Norton Personal Firewall If you need to uninstall Norton Personal Firewall If you need to uninstall Norton Personal Firewall from your computer, use the Uninstall Norton Personal Firewall option on the Windows Start menu. During uninstall, Windows may indicate that it is installing software.
Norton Personal Firewall basics After installation, Norton Personal Firewall automatically protects any computer on which it is installed. You do not have to start the program to be protected. Access Norton Personal Firewall Launch Norton Personal Firewall to change protection settings or monitor its activities.
Norton Personal Firewall basics Access Norton Personal Firewall Access Norton Personal Firewall from the system tray Norton Personal Firewall adds an icon to the Windows system tray. On most computers, the system tray is at the far right of the Windows taskbar at the bottom of your screen.
About Norton Personal Firewall LiveUpdate Help Disable Use the Norton Personal Firewall Options to add additional tools to the “About Global Settings” menu. page 46. Work with Norton Personal Firewall Norton Personal Firewall works in the background, so you may only interact with the program when it alerts you of new network and possible problems.
Norton Personal Firewall basics Work with Norton Personal Firewall In the Security Center, do one of the following: Configure the feature. When you are done making changes, click OK. Use the Security Monitor The Security Monitor collects the most-used Norton Personal Firewall tools into a compact window.
Select a task with the Security Monitor Use the Select a Task menu in the Security Monitor to quickly perform common Norton Personal Firewall tasks. The Select a Task menu includes: Task Test security Edit private information View Log Viewer Run LiveUpdate Run Program Scan Setup Home...
Page 40
Norton Personal Firewall basics Work with Norton Personal Firewall What these types of alerts indicate How to reduce the number of these alerts you receive To use the Alert Assistant In any alert window, click the Alert Assistant button. In the Alert Assistant window, review the information about this alert. To respond to the alert, close the Alert Assistant.
Use Alert Tracker Many of the Internet events that Norton Personal Firewall monitors are not significant enough to trigger alerts. Alert Tracker provides an easy way to monitor these less-important security events. Alert Tracker displays the same information that appears in the Security Event field on the Security Monitor.
Norton Personal Firewall basics Work with Norton Personal Firewall To review recent Alert Tracker messages On the Windows desktop, double-click the Alert Tracker. To the right of the first message, click the arrow if it appears. Double-click an entry to open the Log Viewer. “Review detailed statistics”...
To get more information about an at-risk area On the results page, next to the scan name, click Show Details. Identify the source of communications Visual Tracking helps you learn more about computers that attempt to connect to your computer. Using Visual Tracking, you can identify the location of the address.
Norton Personal Firewall basics Work with Norton Personal Firewall In the Intrusion Detection window, in the AutoBlock section, select a connection you want to trace. Click Attacker Details. Your browser opens the Visual Tracking Web page. When Visual Tracking is finished, it displays a visual representation of where this communication originated and contact information for the owner of the IP address.
Customize Norton Personal Firewall The default Norton Personal Firewall settings should provide adequate protection for most users. If you need to make changes, use the Options menu to access Norton Personal Firewall options. The options let you control more advanced settings. If you are using Windows 2000/XP and you do not have Local Administrator access, you cannot change Norton Personal Firewall options.
Norton Personal Firewall basics Password-protect options About Web Content options Web Content options let you control how Norton Personal Firewall handles interactive online content, ads, and possible privacy intrusions. Web Content options are arranged on three tabs. About Global Settings Global Settings let you control the default actions Norton Personal Firewall takes when Web sites attempt to get information about your animated images, JavaScripts, and other...
Reset options password If you forget your options password you can reset it. To reset your Norton Personal Firewall options password Do one of the following: On the Windows taskbar, click Start > Programs > Norton Personal Firewall > Uninstall Norton Personal Firewall. On the Windows XP taskbar, click Start >...
Norton Personal Firewall basics For more information You can also disable individual security features. For example, you might want to see if the Personal Firewall is preventing a program from operating correctly. To disable a protection feature Open Norton Personal Firewall. In the Security Center, select the feature that you want to disable.
On the main Help menu, click Norton Personal Firewall Help. In the left pane of the Help window, select one of the following tabs: Contents: Displays the Help by topic. Index: Lists Help topics in alphabetical order by key word. Search: Opens a search field where you can enter a word or phrase.
Norton Personal Firewall basics For more information The Release Notes can be accessed from the Start menu. To read the Release Notes Do one of the following: The file opens in Notepad. Close the word processing program when you are done reading the file.
To read the User’s Guide from your hard disk Open the location into which you copied the PDF. Double-click NPF2003.pdf. About Norton Personal Firewall on the Web The Symantec Web site provides extensive information about Norton Personal Firewall. There are several ways to access the Symantec Web site. To access the Symantec Web site from the Norton Personal Firewall main window Click Help.
Norton Personal Firewall basics For more information Subscribe to the Symantec Security Response newsletter Each month, Symantec publishes a free electronic newsletter that is focused on the needs of Internet security customers. It discusses the latest antivirus technology produced by Symantec Security Response, common viruses, trends in virus workings, virus outbreak warnings, and special virus definition releases.
Keeping current with LiveUpdate Symantec products depend on current information to protect your computer from newly discovered threats. Symantec makes this information available to you through LiveUpdate. Using your Internet connection, LiveUpdate obtains program updates and protection updates for your computer.
Keeping current with LiveUpdate About protection updates About protection updates Protection updates are files available from Symantec, by subscription, that keep your Symantec products up-to-date with the latest anti-threat technology. The protection updates you receive depend on which product you are using. Norton AntiVirus, Norton SystemWorks Norton Internet...
When you should update Run LiveUpdate as soon as you have installed your product. Once you know that your files are up-to-date, run LiveUpdate regularly to obtain updates. For example, to keep your virus protection current, you should use LiveUpdate once a week or whenever new viruses are discovered. Program updates are released on an as-needed basis.
Keeping current with LiveUpdate If you can’t use LiveUpdate If you can’t use LiveUpdate When new updates become available, Symantec posts them on the Symantec Web site. If you can’t run LiveUpdate, you can obtain new updates from the Symantec Web site. Your subscription must be current to obtain new protection updates from the Symantec Web site.
LiveUpdate automatically installs all available updates for your Symantec products. To set LiveUpdate to Interactive or Express mode Open your Symantec product. At the top of the window, click LiveUpdate. On the LiveUpdate welcome screen, click Configure. On the General tab of the LiveUpdate Configuration dialog box, select Interactive Mode or Express Mode.
Keeping current with LiveUpdate Run LiveUpdate automatically Run LiveUpdate automatically You can have LiveUpdate check for protection updates automatically, on a set schedule, by enabling Automatic LiveUpdate. You must continue to run LiveUpdate manually to receive product updates. Automatic LiveUpdate checks for an Internet connection every five minutes until a connection is found, and then every four hours.
Page 59
To delete the schedule for Automatic LiveUpdate, disable Automatic LiveUpdate. To disable Automatic LiveUpdate Start Norton Personal Firewall. At the top of the Norton Personal Firewall main window, click Options. If you set a password for Options, Norton Personal Firewall asks you for the password before you can continue.
Page 60
Keeping current with LiveUpdate Run LiveUpdate automatically...
Connect to a network Every time that you use Windows file sharing to exchange files with someone, print to a shared printer, or connect to the Internet using a modem or broadband connection, your computer joins a computers. When you are part of a network, your computer is vulnerable to attacks.
To share files and give access to printers on your local network, you can enable file and printer sharing. If you enable these features on your local network, they are still protected from malicious users on the Internet.
Page 63
computers to your Trusted Zone if you know that their users can be trusted and they have firewall software installed. The Home Network Wizard is the fastest way to organize computers into zones. You can also manually add individual computers to zones. To open the Home Network Wizard from the Security Center Open Norton Personal Firewall.
Controlling access to protected computers Control how people use your computer To manually add computers to zones Open Norton Personal Firewall. In the Security Center, double-click Personal Firewall. In the Personal Firewall window, on the Home Networking tab, select the zone to which you want to add a computer. Click Add.
Page 65
Find a computer’s IP address There are two procedures for finding a computer’s IP address. On Windows 98/Me computers, you can use Winipcfg to find the IP address of a computer. On Windows 2000/XP computers, you can use Ipconfig to find the IP address of a computer.
Page 66
Controlling access to protected computers Control how people use your computer Specify a range of computers You can enter a range of computers by specifying the starting (lowest numerically) IP address and the ending (highest numerically) IP address. All of the computers within that range of IP addresses are included. In almost every case, the first three of the four numbers of the IP addresses entered should be the same.
Control how users access the Internet Norton Personal Firewall supports most Internet without needing additional configuration. If you access the Internet via a cable or DSL router Norton Personal Firewall works behind a cable or DSL the protection provided by the router. In some cases, you might want to reduce the protection provided by the router so that you can use programs like NetMeeting or Microsoft Messenger.
Controlling access to protected computers Control how outside users access your network If you run a Virtual Private Network Norton Personal Firewall works with the following Virtual Private Networks (VPNs): Nortel VPNRemote SecureRemote With most VPNs, when the VPN client is active, you cannot see the Internet or other computers on your local network.
Guarding against intrusion attempts Internet attacks take advantage of the way that computers transfer information. Norton Personal Firewall can protect your computer by monitoring the information that comes into and out of your computer and blocking any attack attempts. How Norton Personal Firewall protects against network attacks Norton Personal Firewall includes three tools that protect your computer from intrusion attempts, malicious Web content, and...
Guarding against intrusion attempts How Norton Personal Firewall protects against network attacks Norton Personal Firewall monitors communications When Norton Personal Firewall is active, it monitors communications among your computer and other computers on the Internet. It also protects your computer from such common security problems as: Improper connection attempts Trojan horses...
Because attacks may span packets, Intrusion Detection examines packets in two different ways. It scans each packet individually looking for patterns that are typical of an attack. It also monitors the packets as a stream of information, which lets it identify attacks spread across multiple packets. If the information matches a known attack, Intrusion Detection automatically discards the packet and severs the computer that sent the data.
Guarding against intrusion attempts Customize firewall protection Customize firewall protection The default Norton Personal Firewall settings should provide adequate protection for most users. If the default protection is not appropriate, you can customize Norton Personal Firewall protection by using the Security Level slider to select preset security levels, or by changing individual security settings.
Move the slider to the Security Level that you want. Your options are: High Medium (recommended) Minimal Change individual security settings If the Security Level options do not meet your needs, you can change the settings for Norton Personal Firewall, Java, and Changing an individual setting overrides the Security Level, but it does not change the other security settings in that level.
Page 74
Guarding against intrusion attempts Customize firewall protection Click Custom Level. Do one or more of the following: On the Personal Firewall menu, select a level. Your options are: High Blocks all communication that you do not specifically allow. You must create firewall rules for every program that requests Internet access.
To be notified whenever unknown programs access the Internet, check Enable Access Control Alerts. To be notified whenever a remote computer attempts to connect to a port no program is using, check Alert when unused ports are accessed. Click OK. Reset security settings to defaults Setting a custom security level disables the Security Level slider.
Guarding against intrusion attempts Customize firewall rules this type of communication are ignored if they appear below the first rule that matches. If no matching rule is found, the communication is blocked. Depending on the Reporting level, an alert may appear. Create new firewall rules Norton Personal Firewall includes Program Control, which helps you create firewall rules as you use the Internet.
Page 77
To enable Automatic Program Control Open Norton Personal Firewall. In the Security Center, double-click Personal Firewall. In the Personal Firewall window, on the Program Control tab, check Turn on Automatic Program Control. Click OK. Scan for Internet-enabled programs Scanning for Internet-enabled programs is the quickest way to configure the Personal Firewall.
Page 78
Guarding against intrusion attempts Customize firewall rules In the Personal Firewall window, on the Program Control tab, click Program Scan. Select the disk or disks on your computer that you want to scan. Click OK. In the Program Scan window, do one of the following: Click Finish.
Page 79
In the Internet Access Control alert, select the access level you want this program to have. Your options are: Automatically configure Internet access (Recommended) Permit Block Manually configure Internet Access If you want to see any risks that this program could pose to your computer, click Details.
Guarding against intrusion attempts Customize firewall rules In the Internet Access Control alert, select the access level you want this program to have. Your options are: Automatically configure Internet access Permit this program access to the Internet Block this program from accessing the Internet Customize Internet access for this program...
Page 81
In the Personal Firewall window, on the Advanced tab, click Trojan Horse Rules. Follow the on-screen instructions. “Write a firewall rule” To add a Program Rule Open Norton Personal Firewall. In the Security Center, double-click Personal Firewall. In the Personal Firewall window, on the Program Control tab, in the list of programs, click Add.
Page 82
Guarding against intrusion attempts Customize firewall rules Select the type of connection the rule should monitor. Your options are: Connections to other computers Connections from other computers Connections to and from other computers Click Next. Select the computers the rule should monitor. Your options are: Any computer Only computers specified below...
Select the ports the rule should monitor. Your options are: All types of communications (all ports) Only the types of communications or ports listed below Click Next. Choose if and how you want Norton Personal Firewall to track this rule. Your options are: Do not track this rule Create an Event Log entry...
Page 84
Guarding against intrusion attempts Customize firewall rules To change an existing firewall rule In the General Rules, Trojan Horse Rules, or Program Rules window, click Add. Select the rule that you want to change. Click Modify. Follow the on-screen instructions to change any aspect of the rule. “Write a firewall rule”...
To remove a firewall rule In the General Rules, Trojan Horse Rules, or Program Rules window, click Add. Select the rule that you want to remove. Click Remove. When you are done removing rules, click OK. Reset firewall rules to the default settings Resetting the firewall rules returns the firewall to its default settings and deletes any changes you have made to firewall rules.
Page 86
Guarding against intrusion attempts Customize Intrusion Detection safe behavior, you can create an exclusion for the attack signature that matches the benign activity. Each exclusion that you create leaves your computer vulnerable to attacks. Be very selective when excluding attacks. Only exclude behavior that is always benign.
In the Excluded Signatures list, select the attack signature that you want to monitor. Click Include. When you are done including signatures, click OK. Enable or disable AutoBlock When Norton Personal Firewall detects an attack, it automatically blocks connection activate AutoBlock, which automatically blocks all incoming communication from the attacking computer for a set period of time, even if the incoming communication does not match an attack signature.
Guarding against intrusion attempts Customize Intrusion Detection Exclude computers from AutoBlock If a computer you need to access is repeatedly placed in the AutoBlock list, you can exclude it from being blocked by AutoBlock. To exclude specific computers from AutoBlock Open Norton Personal Firewall.
Protecting your privacy Every time that you browse the Internet, computers and information about you. Some of this information comes from forms that you fill out and choices that you make. Other information comes from your browser, which automatically provides information about the Web page you last visited and the type of computer that you’re using.
Protecting your privacy Identify private information to protect Privacy Control lets you create a list of information that you want to remain private. If someone attempts to send protected information over the Internet, Norton Personal Firewall warns them about the security risk or blocks the connection.
Modify or remove private information You can modify or remove private information at any time. To modify or remove private information Start Norton Personal Firewall. In the Security Center, double-click Privacy Control. In the Privacy Control window, click Private Information. Select the private information that you want to change or remove.
Protecting your privacy Customize Privacy Control To set the Privacy Level Start Norton Personal Firewall. Double-click Privacy Control. Move the slider to the Privacy Level that you want. Your options are: High Medium (recommended) Minimal Click OK. Adjust individual Privacy Control settings You can change the settings for Private Information, Cookie Blocking, Browser Privacy, and Secure Connections if the Privacy Level settings do not meet your needs.
Page 93
Select the Private Information setting that you want. Your options are: High Medium None Click OK. Change the Cookie Blocking setting Many Web sites store information they collect in hard disk. When you return to a site that has set a cookie on your computer, the Web server opens and reads the cookie.
Page 94
Protecting your privacy Customize Privacy Control Enable or disable Browser Privacy Browser Privacy prevents Web sites from learning the type of you are using, the Web site that you last visited, and other information about your browsing habits. Some Web sites that depend on JavaScript may not work correctly if they cannot identify the type of browser that you are using.
Blocking Internet advertisements Many Web sites are using more aggressive techniques to draw attention to the ads on their pages. Some have begun using larger, more prominent ads, while others rely on ad windows that appear when you enter or leave the site.
Blocking Internet advertisements Enable or disable Ad Blocking Blocking by location Every file on the Internet has a unique address or URL. When you view a Web page, your computer connects to a URL and displays the file that is stored there.
Double-click Ad Blocking. Check or uncheck Turn on Ad Blocking. Click OK. Enable or disable Popup Window Blocking Pop-up and pop-under ads are secondary windows that Web sites open when you visit or leave the sites. Pop-ups appear on top of the current window, while pop-unders appear behind the current window.
Blocking Internet advertisements Enable or disable Flash blocking Enable or disable Flash blocking When Ad Blocking is active, Norton Personal Firewall automatically blocks all Flash animations that have the same dimensions as common ads. Norton Personal Firewall can also block all Flash content. This is useful if you have a slow connection or are not interested in viewing Flash animations.
In the Security Center, double-click Ad Blocking. In the Ad Blocking window, ensure that Enable Ad Blocking is checked. Click Open the Ad Trashcan. The Ad Trashcan window appears. With the windows arranged so that you can see both the advertisement and the Ad Trashcan window, do one of the following: If you are using Microsoft Internet Explorer, drag the unwanted ad from the Web site to the Ad Blocking dialog box.
Blocking Internet advertisements Use text strings to identify ads to block or permit Make sure that what you place in the (Defaults) block list isn't too general. For example, www by itself is not a good string to block because almost every because it only blocks graphics from the slowads other sites.
On the Ad Blocking tab, click Add. In the Add New HTML String dialog box, select the action that you want to take. Your options are: Block Permit Type an HTML string to block or permit. Click OK. Modify or remove an Ad Blocking string If you later decide that an Ad Blocking string is too restrictive, not broad enough, or not appropriate, you can change or remove it.
Page 102
Blocking Internet advertisements Use text strings to identify ads to block or permit...
Monitoring Norton Personal Firewall Norton Personal Firewall maintains records of every ingoing and outgoing Internet connection computer. You should periodically review this information to spot potential problems. There are four sources of Norton Personal Firewall information: Status & Settings window Statistics window Detailed statistics window...
Monitoring Norton Personal Firewall View the Status & Settings window It is normal to see some denied access attempts on a random basis (not all from the same IP address, and not to a sequence of port numbers). You may also see logged access attempts made due to activity on your own computer such as connecting to an FTP server and sending If you see any of the above patterns, it could be evidence of an attack.
Reset information in the Statistics window Norton Personal Firewall automatically clears all of the statistics in the Statistics window when you restart Windows. You can also clear the statistics manually. This helps you see if a configuration change affects the statistics.
Monitoring Norton Personal Firewall Review detailed statistics Web Graphics/ Banner Ads Blocked Firewall TCP Connections Firewall UDP Datagrams Firewall Rules Network Connections Last 60 Seconds The number of network and HTTP connections and the speed of To review detailed statistics Open Norton Personal Firewall.
To set the statistics displayed in the Detailed Statistics window Open Norton Personal Firewall. In the Security Center main window, click Statistics. In the Statistics window, click Detailed Statistics. In the Detailed Statistics window, on the View menu, click Options. In the Norton Personal Firewall Statistics Options window, select one or more categories of statistics that you want to display.
Monitoring Norton Personal Firewall View Norton Personal Firewall Logs Web History Alerts Spam View the logs View the Norton Personal Firewall logs from the Statistics window. To view the logs Open Norton Personal Firewall. Do one of the following: In the Log Viewer, select the log that you want to review. When you are done, click another log or click OK to close the Log Viewer.
Refresh the logs The logs automatically refresh when you move from log to log. To view network events occurring since you began viewing the Log Viewer, you can manually refresh all the logs or an individual log. To refresh all logs at once In the Log Viewer, right-click Norton Personal Firewall, then click Refresh all Categories.
Monitoring Norton Personal Firewall View Norton Personal Firewall Logs Change the size of the logs Norton Personal Firewall stores the information for each log in a separate file. You can change the size of log files to manage the amount of hard disk space that they occupy.
Troubleshooting Norton Personal Firewall The information in this chapter will help you solve the most frequently encountered problems. If you can’t find the solution to your problem here, there is a wealth of information on the Symantec Web site. You can find updates, patches, online tutorials, Knowledge Base articles, and virus removal tools.
Troubleshooting Norton Personal Firewall Troubleshoot Norton Personal Firewall problems To search the Symantec service and support Web site On the left side of any Web page in the Symantec Web site, click search. Type a word or phrase that best represents the information for which you are looking.
If you need to view the site, disable Norton Personal Firewall and try the “Temporarily disable Norton Web site again. Keep in mind that when you disable Norton Personal Personal Firewall” Firewall, your computer may be vulnerable to Internet attacks. on page 47.
Norton Personal Firewall blocks the use of Microsoft networking to prevent someone from connecting to your computer over the Internet. To allow the use of your local network, including file and printer sharing, “Organize computers into place the computers on your local network in the Trusted Zone.
Some Internet service providers scan the ports on users’ computers to ensure that they are keeping to their service agreements. Norton Personal Firewall might interpret this as a malicious communications with your cable system. If this occurs, you need to let your cable provider run port scans.
Page 116
Troubleshooting Norton Personal Firewall Troubleshoot Norton Personal Firewall problems...
About the Internet The Internet is the interconnection of millions of computers throughout the world. It is comprised of the computers and the connections that make it possible for any computer on the Internet to communicate with any other computer on the Internet. The Internet is analogous to a system of roads and highways.
About the Internet How information is transmitted over the Internet exchanges (MAEs). There are regional highways provided by large ISPs and local streets provided by local ISPs. Single user’s computer Like a system of roads and highways, the Internet provides multiple routes from one point to another.
Page 119
The Internet is a packet switching into packets by TCP (Transmission Control Protocol). Each packet contains the addresses of the sending and receiving computers along with the information to be communicated. IP (Internet Protocol) is responsible for routing the packets to their destinations.
About the Internet How Web information is located on the Internet About UDP UDP (User Datagram Protocol) is used for functions in which the reliability of TCP is not necessary, such as broadcasting video to multiple computers at once. UDP doesn’t provide error correction or retransmission of lost packets.
Each URL maps to the IP address of the computer that stores the Web page. URLs are used because they are easier to remember and type than IP addresses. Before your browser requests a page, it asks a server for the IP address of the Web site. IP addresses are 32-bit numbers expressed as four decimal numbers, each ranging from 0 to 255, and separated by periods: 206.204.104.148.
About the Internet How ports identify programs on servers symantec.com www.symantec.com securitycheck index.html There is one particular URL that identifies your computer to itself, and that is localhost. If your computer has Web server software installed, you can type http://localhost and see your Web page. The IP address that corresponds to localhost is 127.0.0.1.
Well-known ports Following are some of the most common well-known ports. Default port How computers are identified on the Internet Millions of computers are connected to the Internet. When you are trying to identify computers, it is easier to work with groups of computers rather than having to identify each one individually.
Page 124
About the Internet How computers are identified on the Internet A typical subnet mask looks like this: 255.255.255.0. The 255s indicate parts of the IP address that are the same for all computers within the subnet, while the 0 indicates a part of the IP address that is different. Subnet masks are always used in conjunction with base IP addresses.
Understanding Internet risks Norton Personal Firewall protects you from major risks that are associated with the Internet. These risks include the threat of network attack, malicious code in exposure of private information, and getting viruses from infected files. Risks from hackers Originally write complex computer programs quickly.
Page 126
Understanding Internet risks Risks from hackers Initial access The hacker exploits a vulnerability found during information gathering and establishes an entry point into your computer. Privilege escalation The hacker gains access to more programs and computer. Covering tracks The hacker hides or removes evidence of the intrusion, sometimes leaving an entry point open for return.
Page 127
Initial access The easiest way for a hacker to access a Windows computer is to use Microsoft networking. On many computers, Microsoft networking is enabled so that anyone on the network can connect to it. Microsoft NetBIOS networking uses three of the well-known ports. These ports are used to establish network.
Understanding Internet risks Risks from active content Other Trojan horse programs might record all your keystrokes to capture passwords and other sensitive data. Norton Personal Firewall blocks the ports that Remote Access Trojan horse programs use to communicate over the Internet. Covering tracks When a hacker has gained as much control of a computer as possible, the task turns to concealing the evidence.
Risks from inappropriate content and activities There is a wealth of information on the Internet that is easily accessible to everyone. However, some topics are not suitable for all people. For example, most people consider pornographic and violent sites to be inappropriate for viewing by children.
Understanding Internet risks Risks to your privacy You may want to prevent some users from sending private information over the Internet. Norton Personal Firewall can block users from accessing secure sites where they might be asked for personal information. Understanding cookies Cookies small files on your computer.
Tracking Internet use Most browsers pass on information that you might want to keep confidential. One item that your browser normally passes to Web sites is of the page from which you came. This information is used by some Web sites to help you navigate through the Web site, but it can also be used to track your Web usage.
Understanding Internet risks The likelihood of being attacked A zombie program is a dormant program secretly installed on a computer. It can later be run remotely to aid in a collective attack on another computer. Zombie programs don’t normally damage the computer on which they reside, but are used to attack other computers.
Page 133
Glossary This glossary provides definitions of some common Internet terms. active content ActiveX control alert banner ad browser Material on a Web page that changes with time or in response to user action. Active content is implemented through ActiveX controls, Visual Basic Scripts, Java scripts, and Java applets in the HTML code that defines the page.
Page 134
Glossary connection connection attempt cookie cracker DHCP (Dynamic Host Configuration Protocol) DNS (Domain Name System) DNS server (Domain Name System server) domain download A method of data exchange that allows a reliable transfer of data between two computers. The data transfer that requests the opening of a connection.
Page 135
email (electronic A method of exchanging messages and files with mail) other people via computer networks. A popular protocol for sending email is SMTP (Simple Mail Transfer Protocol). Popular protocols for receiving email are POP3 (Post Office Protocol 3) and IMAP4 (Internet Message Access Protocol 4).
Page 136
Glossary IP address (Internet Protocol address) ISP (Internet service provider) Java applet JavaScript local modem network NAT (network address translation) A 32-bit numeric identifier that uniquely identifies a computer on the Internet. IP addresses are usually expressed as four groups of numbers, each ranging from 0 to 255, separated by periods.
Page 137
network address The portion of an IP address that is common to all computers on a particular network or subnet. operating system A program that ties the capabilities of computer hardware and software to input/output devices such as disks, keyboards, and mouse devices. outbound An attempt by your computer to open a connection communication...
Page 138
Glossary port number port scan proxy router server service socket stealth subnet A logical communications channel to be used by a particular TCP/IP application. Each application has unique port numbers associated with it. By convention, some protocols use a well-known port number (for example, HTTP uses port 80), although this is configurable.
Page 139
TCP/IP (Transmission The standard family of protocols for Control Protocol/ communicating with Internet devices. Internet Protocol) threat A circumstance, event, or person with the potential to cause harm to a system in the form of destruction, disclosure, modification of data, and/ or denial of service.
Service and support solutions The Service & Support Web site at http://service.symantec.com supports Symantec products. Customer Service helps with nontechnical issues such as orders, upgrades, replacements, and rebates. Technical Support helps with technical issues such as installing, configuring, or troubleshooting Symantec products.
Service and support solutions For upgrade orders, visit the Symantec Store at: http://www.symantecstore.com Technical support Symantec offers two technical support options for help with installing, configuring, or troubleshooting Symantec products: Online Service and Support Connect to the Symantec Service & Support Web site at http://service.symantec.com, select your user type, and then select your product and version.
Page 143
Worldwide service and support Technical support and customer service solutions vary by country. For Symantec and International Partner locations outside of the United States, contact one of the service and support offices listed below, or connect to http://service.symantec.com and select your region under Global Service and Support.
Page 149
settings Norton Personal Firewall 72-85 Program Control 79 sockets 122 SSL (Secure Sockets Layer) and Privacy Control 90 statistics 105-107 detailed 105 Norton Personal Firewall 103-110 resetting 105 resetting detailed statistics counters 106 viewing 104 statistics window 104 Status & Settings, checking 104 stealth ports 126 subnet masks 66, 123 subscriptions 54...
Page 150
Index zombie programs 71, 132 zones 62-64 adding computers to 63 Restricted 88 Trusted 71...
Page 151
Norton™ Personal Firewall CD REPLACEMENT: After your 60-Day Limited Warranty, if your CD becomes unusable, fill out and return 1) this form, 2) your damaged CD, and 3) your payment (see pricing below, add sales tax if applicable), to the address below to receive replacement CD. DURING THE 60- DAY LIMITED WARRANTY PERIOD, THIS SERVICE IS FREE.