Firewall Causes Connection Problem

Yesterday I received a call for help from someone who simply could not regain their connection to the Internet. My questioning revealed that they had recently followed some advice they had read on the Internet and installed a firewall on their computer. So I’d like to review for you some “firewall basics”, and share how I resolved the problem.

Firewall Basics
1) You want a firewall.
2) You want ONLY one firewall running (this was the cause of my caller’s problem). Two will interfere with each other.
3) A firewall’s job is to allow or deny incoming and outgoing Internet connections, case by case, and so it must “learn” (from you) which programs to “allow” and which to “deny”. To avoid repeated prompts, you will see a “Remember this answer?” checkbox. Use this feature sparingly.
4) Apple Macintosh and Microsoft Windows come with a firewall. These firewalls are adequate, but not necessarily the “best”. Their main advantage is that they function while hardly ever notifying the user of their existence, or asking questions. (In fact, most people are unaware that they already have a firewall.)
5) Almost every Internet Security “Suite” (every?) comes with a firewall. Also, there are many “3rd party” stand-alone firewall programs available.

Okay. Firewalls are “good”, and you want one. Unless your operating system is very old (older than XP SP2, and OS X) you have one… if it’s an old edition, get one.

When you install a new security suite or 3rd-party firewall, the vast majority of them are ‘smart enough’ to turn the existing firewall off for you, but occasionally they don’t, as happened to my caller. The way to check is to open either Security Center or Control Panel (Sharing Preferences in OS X) and look at the Firewall status; there will be an option to “Enable/Disable Firewall”. Make sure the OS’s firewall (aka “Windows Firewall”) is off. (This simple act restored my caller’s Internet.)
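The same check from the command line, as an added example that is not part of the original post: on Vista and later, `netsh advfirewall show allprofiles` prints the state of each Windows Firewall profile, and this Python code parses that output and flags the two-firewalls situation. The sample output is constructed, the function names are made up for this example, and the list of third-party firewalls is an assumption you supply yourself.

```python
import re

# Constructed sample of `netsh advfirewall show allprofiles` output (English locale, trimmed).
SAMPLE_NETSH = """\
Domain Profile Settings:
----------------------------------------------------------------------
State                                 OFF
Firewall Policy                       BlockInbound,AllowOutbound

Private Profile Settings:
----------------------------------------------------------------------
State                                 ON

Public Profile Settings:
----------------------------------------------------------------------
State                                 ON
Ok.
"""

def parse_profiles(text):
    """Return {profile name: True if its State line says ON}."""
    states, current = {}, None
    for line in text.splitlines():
        header = re.match(r"^(\w+) Profile Settings:\s*$", line)
        if header:
            current = header.group(1)
            continue
        state = re.match(r"^State\s+(ON|OFF)\s*$", line)
        if state and current:
            states[current] = state.group(1) == "ON"
    return states

def firewall_conflict(netsh_text, third_party_firewalls):
    """Flag Windows Firewall profiles left on beside a running third-party firewall."""
    states = parse_profiles(netsh_text)
    if not states:
        raise ValueError("no profile State lines found (non-English locale or wrong command?)")
    active = sorted(name for name, on in states.items() if on)
    return {
        "windows_firewall_on": active,
        "third_party": list(third_party_firewalls),  # supplied by you, not detected
        "conflict": bool(active) and bool(third_party_firewalls),
        "unprotected": not active and not third_party_firewalls,
    }

if __name__ == "__main__":
    print(firewall_conflict(SAMPLE_NETSH, ["ZoneAlarm"]))
```

The `unprotected` flag covers the opposite mistake: the OS firewall switched off with no other firewall running in its place.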

[note: when troubleshooting Internet or file sharing problems, one of the first things to try is turning off your firewall (BRIEFLY). Misconfigurations can cause slow speeds, failures, intermittent failures, and other misc. weirdnesses.]

Today’s free download(s): The two “best” 3rd-party firewalls are generally considered to be Comodo and ZoneAlarm. If you are not running a “suite” already, and would like a more robust and effective firewall, I would suggest one of those two.
The Comodo firewall is for the more advanced user, and is highly configurable. The ZoneAlarm is for those who simply want the protection and is my reco’ for most users.
Both these firewalls are “chatty” and will query you as they “learn” — Allow this? Deny this?
But this is good — when you see “Trojan.B_dwnldr.exe is trying to connect to the Internet. Allow or Deny?” — you’ll know to click “deny” and that you’ve been infected, and it’s time to get busy.

About firewalls*

Regular readers of this post know that I advise running a firewall. It has been a while since I have told you how to do that, so I will do so today. If you already have a firewall, you may want to keep reading as some firewalls are not as good as others (and some are next to worthless) and I will get into the details on that further down the page.

A firewall is a tool that essentially separates networks, and allows/blocks “traffic” between those networks. Basically its goal is to block “bad” traffic from entering your machine or home network from the vast, scary Internet, and only allow “good” traffic to come and go. A firewall is analogous to a moat around your castle; it lowers the drawbridge to allow the useful people and products to come and go, and raises the drawbridge when it spots the invading army.

Tip of the day: Install and enable a 3rd Party firewall. Or, if you have one already, turn it on.
Microsoft brought personal firewalls into Windows with XP Service Pack 2 (and improved it in Vista), so if you are running XP or newer you already have a firewall built in and so the first thing to do is to make sure it’s turned on. There are several ways to check the status of Windows Firewall, and here’s a couple: Start >Connect to >Show all network connections, or Start >Control Panel >Network Connections.
You will now see a window showing your networks. Look under the heading “LAN or High Speed Internet” for the network that says “Connected” (mine says “Wireless Network Connection” because I’m writing this from my laptop in my local public library); if the firewall is on, it will say “Connected, firewalled”. Right-click on the icon, select Properties, and select the Advanced tab. The top area is your firewall. Click the Settings button and use the radio button to turn it on. Done.

Or, your computer may have come with, or you may have purchased, an Internet Security Suite — typically from a vendor like McAfee — and these all come with some sort of firewall. You should know if it is enabled because if it is, you will have been pestered with pop-up warning boxes asking for an “Allow or Deny?” decision [the price you pay with all firewalls, as they “learn” your configuration and usage].
To make sure it’s “on” open the suite’s control panel by double-clicking on its desktop icon or right-click its system tray icon. There will be several categories of “protection”, and each interface is different, so you may have to explore a little bit to find it.

PLEASE NOTE: It is “not good” to have two firewalls running at the same time! Use only the strongest firewall you have available.

Okay, so what do I mean by “strongest”? Well first of all, you may have read that the Windows Firewall isn’t very good. This is particularly true of the XP firewall, and that criticism is mainly because it’s a “one-way” firewall — it is only designed to prevent intrusions. It is incapable of monitoring the traffic that leaves your PC. It cannot prevent your personal data from “leaking” out. It is also not very “robust”.  (Vista’s firewall is 2-way.)
Robust, in computing, is a term used to describe how steady and reliable a system is, how “fault tolerant”, and how difficult it is to purposely “crash” it. A lot of the personal firewalls available simply aren’t very robust, and a hacker can bring them down fairly easily, and then, obviously, you would be unprotected.

ALSO NOTE, Please: It is my belief that any firewall is better than no firewall. It will protect you from the casual or inexperienced hacker. However, keep reading because there are robust, two-way firewalls available for free.

If you want a professional-strength firewall (and my point is, you do), the top contenders are for-sale versions, and they are not unreasonably priced. Kerio (now owned by Sunbelt), Outpost Pro, and ZoneAlarm Pro are my recommended choices.

Free link(s) of the day: There are two free firewalls that are as good as the for-a-fee ones mentioned above. My first reco’ is the free version of ZoneAlarm. The Install starts out as the “Pro” version and then reverts to a free version. The Pro version period really helps with the firewall’s “learning” and seems to me easier for the average user to configure and use. It is quite vigilant and “chatty”, but it’s effective.
A more robust firewall is offered by Comodo. It takes more system resources and seems to me quite slow in responding to allow/deny answers and isn’t quite as “user friendly”, but it is quite configurable for the more advanced user.

*Prior publication 6/30/07

