PRODUCT GUIDE McAfee Firewall VERSION 4.
COPYRIGHT © 2002 Networks Associates Technology, Inc. and its Affiliated Companies. All Rights Reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form or by any means without the written permission of Network Associates, Inc.
McAfee Perpetual End User License Agreement – United States of America NOTICE TO ALL USERS: CAREFULLY READ THE FOLLOWING LEGAL AGREEMENT ("AGREEMENT"), FOR THE LICENSE OF SPECIFIED SOFTWARE ("SOFTWARE") PRODUCED BY NETWORK ASSOCIATES, INC. ("McAfee"). BY CLICKING THE ACCEPT BUTTON OR INSTALLING THE SOFTWARE, YOU (EITHER AN INDIVIDUAL OR A SINGLE ENTITY) CONSENT TO BE BOUND BY AND BECOME A PARTY TO THIS AGREEMENT.
iv 2. Term. This Agreement is effective for an unlimited duration unless and until earlier terminated as set forth herein. This Agreement will terminate automatically if you fail to comply with any of the limitations or other requirements described herein. Upon any termination or expiration of this Agreement, you must cease use of the Software and destroy all copies of the Software and the Documentation. 3. Updates.
c. Warranty Disclaimer. Except for the limited warranty set forth herein, THE SOFTWARE IS PROVIDED "AS IS." TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, MCAFEE DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT WITH RESPECT TO THE SOFTWARE AND THE ACCOMPANYING DOCUMENTATION.
10. High Risk Activities.
McAfee Perpetual End User License Agreement – Canada NOTICE TO ALL USERS: CAREFULLY READ THE FOLLOWING LEGAL AGREEMENT ("AGREEMENT"), FOR THE LICENSE OF SPECIFIED SOFTWARE ("SOFTWARE") BY NETWORK ASSOCIATES INTERNATIONAL B.V. ("McAfee"). BY CLICKING THE ACCEPT BUTTON OR INSTALLING THE SOFTWARE, YOU (EITHER AN INDIVIDUAL OR A SINGLE ENTITY) CONSENT TO BE BOUND BY AND BECOME A PARTY TO THIS AGREEMENT.
c. viii Volume License Use. If the Software is licensed with volume license terms specified in the applicable price list or product packaging for the Software, you may make, use and install as many additional copies of the Software on the number of Client Devices as the volume license authorizes. You must have a reasonable mechanism in place to ensure that the number of Client Devices on which the Software has been installed does not exceed the number of licenses you have obtained.
a. Limited Warranty. McAfee warrants that for sixty (60) days from the date of original purchase the media (e.g., diskettes) on which the Software is contained will be free from defects in materials and workmanship. b. Customer Remedies.
9. Export Controls. You have been advised that the Software is subject to the U.S. Export Administration Regulations and applicable local export control laws. You shall not export, import or transfer Products contrary to U.S. or other applicable local laws, whether directly or indirectly, and will not cause, approve or otherwise facilitate others such as agents or any third parties in doing so.
Contents 1 Welcome to McAfee Firewall 4.0 . . . . . . . . . . . . . . . . . . . . . . . . . . 13 What’s new in this release? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 How McAfee Firewall works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 About this manual . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15 Frequently asked questions . .
Contents 6 Updating McAfee Firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49 About Instant Updater . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49 Instant Updater features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49 A How to contact McAfee . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51 About www.McAfee-at-Home.com . . . . . . . . . . . . . . .
1 Welcome to McAfee Firewall 4.0 Protect yourself while online with the advanced security of McAfee Firewall. Easy-to-use, yet highly configurable, McAfee Firewall secures your PCs connection to the Internet whether you connect via DSL, cable modem or dial-up.
Welcome to McAfee Firewall 4.0 14 McAfee Firewall 4.0 n Password protection: Prevent others from tampering with your firewall settings using password protection. n Improved support for broadband connections. n Usability enhancements: McAfee Firewall 4.0 includes many user interface enhancements to make it easier than ever to secure your computer.
Welcome to McAfee Firewall 4.0 How McAfee Firewall works McAfee Firewall is a simple-to-operate security tool that dynamically manages your computing security behind the scenes. Setup During the installation process, the Configuration Assistant prompts you with basic questions to set up McAfee Firewall to do specific tasks – according to your needs (e.g. allow sharing of files or not). Operation McAfee Firewall filters traffic at the devices that your system uses - network cards and modems.
Welcome to McAfee Firewall 4.0 Frequently asked questions The following are some frequently asked questions that you can briefly review: How will McAfee Firewall help me? McAfee Firewall protects your computer at the network level. It acts as a gatekeeper, checking every data packet going in or out of your PC. It allows only what you tell it to allow. McAfee Firewall has been designed to be easy to use, while providing superior protection.
Welcome to McAfee Firewall 4.0 A separate but also important issue is controlling access to information, misinformation and “filth” that is widely available on the Internet. You can use a number of content-filtering services or programs such as McAfee’s Internet Security that can filter the contents of data packets or restrict access to certain sites. Are there any data packets that McAfee Firewall cannot stop? Inbound Data: No.
Welcome to McAfee Firewall 4.0 18 McAfee Firewall 4.
Installing McAfee Firewall 2 The setup program on your McAfee Firewall 4.0 installation CD lets you install the program easily on your computer. Installation should start automatically when you insert the CD into your computer’s CD-ROM drive. The information in the following paragraphs will help you install and start using McAfee Firewall.
Installing McAfee Firewall Installation steps To avoid installation problems, close all open programs before you install McAfee Firewall, including programs that run in the background, such as screen savers or virus checkers. After inserting the McAfee Firewall 4.0 installation CD into your computer’s CD-ROM drive, an Autorun image should automatically display. To install McAfee Firewall software immediately, click Install McAfee Firewall, then skip to Step 5 to continue with Setup.
Installing McAfee Firewall 5 Refer to steps displayed on the Installation Wizard to complete your installation. TIP If your computer does not have the required fonts to view the End User’s License Agreement (EULA), then you can locate the appropriate EULA on your McAfee software installation CD. You must read and agree to the terms of the agreement to complete your installation. NOTE For all Windows 2000 Professional installations, McAfee Firewall requires a unique driver in order to function.
Installing McAfee Firewall Troubleshooting installation problems A failed installation can cause software problems that are difficult to track down. The major causes of installation failure are: n Attempting to install while other software is running. n Temporary files that conflict with the installation. n Hard drive errors. Follow the procedure outlined below to minimize the affect that these common conditions may have on your installation.
Installing McAfee Firewall Step 3: Clean your hard drive Run the Windows hard drive utilities, ScanDisk and Disk Defragmenter to identify and fix any errors on your hard drive: 1 Click Start on the Windows taskbar, point to Programs, then Accessories, then System Tools, and click ScanDisk. 2 In the ScanDisk window, select Standard and Automatically fix errors. 3 Click Advanced.
Installing McAfee Firewall Removing or modifying your McAfee Firewall installation If your computer’s operating system is... n Windows 2000 Professional n Windows XP Home Edition n Windows XP Professional Edition ... you must log on to your computer using a profile with administrative rights. Then do the following: 1 From the Windows Control Panel, start the Add/Remove applet. 2 Select McAfee Firewall and click: M Remove to remove McAfee Firewall from your computer.
3 Getting Started with McAfee Firewall After installing McAfee Firewall, you will need to configure your software for its first use. The Configuration Assistant guides you through this process. The Configuration Assistant Welcome Screen The McAfee Firewall Configuration Assistant displays the first time you start McAfee Firewall. This wizard guides you through initial setup and activates McAfee Firewall on your computer.
Getting Started with McAfee Firewall Table 3-1. McAfee Firewall’s Network Control Settings Internet Traffic Setting Description Filter all traffic Gives you the opportunity to decide whether an application or program in your computer will be allowed to access the Internet. If an unrecognized program attempts to access your computer from the Internet, you will also be given an opportunity to allow or block its access your computer.
Getting Started with McAfee Firewall 1 Access to other shares: check the Allow my computer to access other computer’s shares if you want to allow your computer to have access to the shared drives, directories, folders, and printers, etc. of other computers in your workgroup or home network.
Getting Started with McAfee Firewall The McAfee Firewall Home page Figure 3-1. The McAfee Firewall Home page The McAfee Firewall main window is your central entry point to all of McAfee Firewall’s Tasks, Advanced Tasks, and shared features. The McAfee Firewall interface displays three regions common to all of McAfee Firewall’s screens.
Getting Started with McAfee Firewall n Home. Click Home to go to the McAfee Firewall Home page from any screen. n Next. In conjunction with the Back button, use Next to go to any previously viewed screen during your current session. n Help. Click Help to view its submenu. The Help submenu may include any of the following items. Help submenu item Select this item to... Help on this page w View online Help for the screen you are currently viewing.
Getting Started with McAfee Firewall McAfee Firewall status This region of the Home page displays the current running state of McAfee Firewall. It is either running or not running. If the McAfee Firewall status message is... Then... McAfee Firewall is Running w Click Stop McAfee Firewall to disable firewall protection. McAfee Firewall is Stopped w Click Start McAfee Firewall to enable firewall protection.
Getting Started with McAfee Firewall n View network activity: Select this task to view real-time network activity and view your current activity log. n Set alert preferences: Choose how you want McAfee Firewall to notify you when a potential security breach occurs. n Set up Home Networking: Helps make setting up protections for your PCs sharing an Internet connection a breeze. n Perform a security check: This task allows you to start the McAfee Firewall Security Check process.
Getting Started with McAfee Firewall Other McAfee Firewall features McAfee Firewall settings security check Examines your firewall security settings, allowing you to rectify weaker settings before hackers get a chance to exploit them. The McAfee Firewall Settings Security Check flags and suggests changes to help you keep your system set to optimal security. If Security Check detects an issue, click Fix and McAfee Firewall helps you analyze and correct potential problems.
Getting Started with McAfee Firewall n Determine the point of a network failure that is preventing you from reaching a Web site. n Determine the location of sites and their users, uncover the owners of a site, and help track down the origin of unwanted e-mail messages ('spam'). n Get detailed contact information on sites all over the world (where available). How to start Visual Trace You can start Visual Trace directly from the Windows start menu.
Getting Started with McAfee Firewall 34 McAfee Firewall 4.
McAfee Firewall Configurations 4 Overview The configuration of McAfee Firewall is divided into two classifications – application (program) and system. Upon installation, a base set of rules for system services such as ICMP, DHCP and ARP are installed (these are considered default settings). On the other hand, the programs classification is personalized.
McAfee Firewall Configurations Program configuration During your first attempt to start McAfee Firewall, the Configuration Assistant asked you to identify programs that you want to allow to communicate. At such time, McAfee Firewall created a default set of communication rules for the programs (applications); designated as allowed to communicate.
McAfee Firewall Configurations Changing a program’s allowed state McAfee Firewall monitors Internet traffic to see which programs are communicating. Depending on your settings, it will allow, block, or filter a program's attempt to communicate. If you choose to “Allow all” programs to communicate through your firewall, then all programs installed in your computer can communicate. To view and configure the current list of trusted programs 1 From the Task list, select Control Internet programs.
McAfee Firewall Configurations 4 Refer to the instructions displayed on the Custom Filtering rules dialog boxes to complete your custom configuration. Table 4-2. Customize Filtering Rules dialog buttons Button Description Add w Click Add to add a new rule and to display the What do you want this rule to do? dialog. Remove w Click Remove to remove a rule from the selected program. CAUTION: There is no “undo” feature. Edit w Click Edit to refine a filtering rule.
McAfee Firewall Configurations Refining conditions After you select the primary function for the rule, you can further refine the rule by checking the check boxes for any or all of the communication characteristics: With... Using... w direction w protocols w domain names w remote ports w IP addresses w local ports To customize the refinement condition, click [click here to select]. Depending upon the communication characteristics selected, various dialog and text boxes display.
McAfee Firewall Configurations System configuration Your computer’s operating system performs many types of network communication without reporting directly to you. McAfee Firewall lets you explicitly allow or block different system functions. Settings may be different for each network device, since a computer, for example, can be connected to an internal network as well as having a dial-up connection to the Internet. Use the steps below to control your System settings.
McAfee Firewall Configurations Table 4-4. Default Settings for System Activity System Activity Type Description RIP: Blocked Allow RIP if your administrator or ISP advises you to. PPTP: Blocked This should only be altered by the administrator. Other Protocols: Blocked If you are on an IPX network, you should allow “non-IP protocols”. If you use PPTP, you should allow “other IP protocols”. Ask your network administrator before making any change here.
McAfee Firewall Configurations 42 McAfee Firewall 4.
5 McAfee Firewall’s Intrusion Detection System About Intrusion Detection Unlike other intrusion detection tools, McAfee Firewall’s powerful Intrusion Detection System (IDS) is simple to configure and activate. Instead of requiring users to learn and understand a complex set of attacks to build their own defense lines against intrusions, McAfee Firewall’s development team created a tool that, when activated with the click of a button, detects common attack types and suspicious activity.
McAfee Firewall’s Intrusion Detection System 2 From the Advanced Tasks list, select Intrusion detection settings. Refer to the instructions displayed on the Configure Intrusion Detection Settings screen to complete this task. 44 McAfee Firewall 4.
McAfee Firewall’s Intrusion Detection System Common attacks recognized by IDS The following table lists attacks recognized by McAfee Firewall’s IDS, a description of each attack, and the risk factor assigned to each attack. Attack Description Risk Factor 1234 Also known as the Flushot attack, an attacker sends an oversize ping packet that networking software can not handle. Usually, computers hang or slow down. If a total lockup occurs, unsaved data may be lost.
McAfee Firewall’s Intrusion Detection System Attack Description Risk Factor Newtear A Denial of Service (DoS) attack that usually causes computers with a Windows NT-based operating system to crash. Although the attack is not usually harmful to the computer itself, data from running applications will most certainly be lost. High Oshare A Denial of Service (DoS) attack caused by sending a unique packet structure to your computer.
McAfee Firewall’s Intrusion Detection System Attack UDP Flood Description Risk Factor A remote Denial of Service (DoS) attack designed to flood the target machine with more data than it can process, thereby preventing legitimate connections from being established. High Machine is inaccessible via TCP/IP. Occurs when machine is put to sleep and then awakened. Make sure that “Load Only When Needed” is not checked in the TCP/IP control panel.
McAfee Firewall’s Intrusion Detection System 48 McAfee Firewall 4.
6 Updating McAfee Firewall About Instant Updater As technologies advance, we continually provide updates to McAfee software products. To ensure the highest level of protection, you should always obtain the latest version of your McAfee product. Updating your software is simple using McAfee's Instant Updater. It is a seamless process and requires minimal interaction on your part. Instant Updater is also the mechanism used to register your product with McAfee.
Updating McAfee Firewall n Auto Inquiry: If Auto Inquiry is enabled, it allows you to receive notification of product updates while connected to the Internet. We do not recommend using Auto Inquiry if you have a slow internet connection n Manual Updating: If you rarely connect to the Internet, you may prefer to use Manual Updating with your McAfee product. You can manually update while connected to the Internet. To do this, select the UPDATE function from within the individual product.
How to contact McAfee A About www.McAfee-at-Home.com McAfee is famous for its dedication to customer satisfaction. We have continued this tradition by making our site on the World Wide Web a valuable resource for answers to your questions about McAfee Consumer Products. We encourage you to visit us at http://www.mcafee-at-home.com and make this your first stop for all of your product support needs.
How to contact McAfee 52 McAfee Firewall 4.0 n Windows operating system version number.
Index Port Scanning, 46 Saihyousen, 46 Smurf, 46 Syn Flood, 46 Numerics 1234 Attack, 45 A About Advanced tasks, 31 McAfee list, 31 Tasks, 30 Advanced Tasks, 31 Advanced options and logging, 31 Block IP address, 31 Configure network adapters, 31 Intrusion detection settings, 31 Set up password, 31 Alert Messages, 36 SynDrop, 46 Teardrop, 46 UDP Flood, 47 Winnuke, 47 Configuration Assistant, 15, 25 Access to shares, 26 Allowed applications, 27 Network control settings, 25 Startup options, 26 Copyright Inf
Index H P 19 Hard disk requirements, Ping flood, 46 Ping of death, 46 Port scanning, 46 I Instant Updater About, 49 Auto Inquiry, 50 Auto Update, 49 Configuration, 50 Home page query, 50 Manual Update, 50 Internet traffic settings, 29 Intrusion Detection About, 43 How to Configure, 43 IP Spoofing, 45 Product Support Customer Service, 51 Technical support, 51 R RAM requirements, Readme, 15 S Saihyousen, 46 Screen layout Internet traffic settings, The Task pane, 30 Title bar, 28 Tool bar, 28 Server-si
Index U UDP flood, 47 Uninstalling, 24 V VirusScan scan engine, 49 W Windows XP migration, Winnuke, 47 Winsock 2, 19 24 Product Guide 55
For more information on products, worldwide services, and support, contact your authorized McAfee sales representative or visit us at: Network Associates 13465 Midway Road Dallas, TX 75244 (972) 308-9960 www.mcafee-at-home.
