August 30th, 2002, 01:25 AM
Visnetic Firewall Help
in one of my other posts someone sugested trying a packet filtering firewall like visnetic so i downloaded it and tryed it, i thought it was working fine and i had set it up right untill i did several tests only to find it wasnt blocking a thing, as if it wasnt even running.
any help would be good. im using xp by the way
August 30th, 2002, 07:45 PM
Tip #1: Don't use XP!!
Tip #2: Use Agnitum Outpost as a firewall on Windows systems (www.agnitum.com) its free (the FREE version, that is, you have to pay for the PRO version but it offers very few extras over and above the free version so its hardly worth it!)
August 30th, 2002, 08:11 PM
yea i do use agnitum already, its just i was windering why i could'nt get it to work but thanks for the advice
Yea xp is a bit crap but its only my second machine.
August 30th, 2002, 11:54 PM
probably, it was me who suggested the visnetic. what version did you download ?
I personally work with the actual 1.1
pls be mor specific , I am sure I can assist you.
there is a rule wizard with the visnetic firewall.
one good thing with the wizard is, you can always start from the bottom to use the wizard or the generate your own rules. do not chose everything the rulewizard offers you.
I do not know your enviroment, but you should ( if you running more than one pc ) only activate http/ dns ( domaincontroller or router in your network ? ) /netbios/ visnetic trace / https ( to be bind to the lan adapter( visnetic will shield your netbios ports towards the internet , can be tested under www.pcflank.com). if you activate everything .. well than your system is wide open.
try to use not the firewall wizard and look into the log/ activity , whats happening.
if the outbound connection you will see there , is a wanted one, than go and create the specific rule for this connection / port/ service). from this point you are going to learn very quickly more aobut firewallrules / ports / services as you can see under tiny or outpost. outpost und tiny are very good ones, no doubt about it, but it happened to me that on one machine out of 22 in my network always connected thowards a chechoslovakia ip adress. unfortunately, the trojan used a firewall tunneling technique , which cannot be prevented by tiny or outpost or zonalarm. only when i examined the logs from conseal and visnetic , I figured out that something is pentrating my tiny firewall , everytime the machine came up, it established a connection , cloaked as a http request. tiny did not see it at all ! this made me changing all my securiy settings on all machines (what a load of work !! )
so visnetic is very good to learn alot of creating firewall rules and to understand how it works !
so pls give me more input and I will respond asap :-)
August 31st, 2002, 06:37 PM
that helps i tried what u said but still no luck. i gess ill just stick with agniton.