BEWARE!!! Norton Internet Security 2008's default firewall settings make it easy to network but leave your PC open to a number of crucial vulnerabilities.
If you’re running Norton Internet Security with Vista, it’s important to remember that file sharing security is handled through your firewall. If your Norton firewall is not configured correctly, you have easy network access and security vulnerabilities.
If you use WiFi you want to:
Block Windows File Sharing - to prevent other PCs from accessing files on your PC
Block EPMAP - to prevent other PCs from changing your PC's configuration
Disable Inbound NetBIOS - to prevent other computers from accessing your files
Block Microsoft SMB - an alternate file sharing method
Disable Inbound NetBIOS Name - to prevent other PCs from discovering your PC's name
Here are instructions for Norton Internet Security 2008; it took me a while to find them in the Norton documentation.
Blocking Windows File Sharing is crucial if you use WiFi!!!
Norton Internet Security => Settings => Select Norton Internet Security Options at the bottom of the page
Select Personal Firewall => Advanced – review the list to ensure there are no dangerous permissions
See this Norton description of options (note: ORDER OF OPTIONS IS IMPORTANT!): http://service1.symantec.com/SUPPORT/sunset-c2002kb.nsf/pfdocs/2001023451590766?Open&docid=2001023451590766&nsf=nip.nsf&view=pfdocs
BLOCK Windows File Sharing - Prevents other computers from accessing shared files that are on this computer. Also prevents other computers from using shared printers that are attached to this computer.
When this rule is moved up in rules list so that it is applied before other rules regarding file and print sharing, this rule provides an easy method to turn file and print sharing on or off.
ICMP In/Out - Leave Enabled - Allows Pings to be sent and received
DNS In/Out - Leave Enabled - Removing this rule causes DNS to fail. To increase security without removing the rule, change the rule to allow the computer to send DNS queries only to the user’s primary DNS server.
In NetBIOS Name - DISABLE - Prevents NetBIOS requests from finding the name of the local computer. NetBIOS cannot find the computer name by sending a query to the local computer.
Bootp - Leave Enabled – allows for static IP addresses.
Outbound NetBIOS - Leave Enabled – allows you to view shared files on other computers.
Inbound NetBIOS - DISABLE – prevents other computers from accessing your files.
Microsoft SMB - BLOCK – SMB is a Microsoft Windows feature that can be used to provide an alternate method for file and print sharing. This rule prevents SMB from being used to permit file and print sharing.
Loopback In/Out - Leave Enabled – allows the computer to send messages to itself.
EPMAP Block – ENABLE BLOCK - EPMAP is a protocol that can be used by one computer to change the configuration of the services that are running at another computer. This rule prevents EPMAP from modifying the services that are at the local computer.
UPnP - Leave Enabled - Universal Plug and Play
SSDP - Leave Enabled - Simple Service Discovery Protocol – discovers plug and play
LLMNR - Leave Enabled - Link-Local Multicast Name Resolution
Reset the Firewall and make these changes. Check your system often to see if hackers have altered them or if unauthorized changes have been made!
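One way to do part of that periodic check, added here as an example (not from the original post or from Norton): it parses `netstat -an` output and lists the services behind the blocked rules that are listening on non-loopback addresses, which are the ones that stay closed to other PCs only while the firewall rules are in place. The port-to-rule mapping and the sample output are assumptions constructed for this example.

```python
import sys

# Standard port assignments; pairing them with the post's rule names is this
# example's assumption, not something taken from Norton's documentation.
WATCHED = {
    ("TCP", 135): "EPMAP",
    ("UDP", 137): "Inbound NetBIOS Name",
    ("UDP", 138): "Inbound NetBIOS",
    ("TCP", 139): "Inbound NetBIOS / Windows File Sharing",
    ("TCP", 445): "Microsoft SMB / Windows File Sharing",
}

# Constructed sample of `netstat -an` output on Windows (not from a real host).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:445          0.0.0.0:0              LISTENING
  TCP    192.168.1.20:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.20:49170     192.0.2.10:80          ESTABLISHED
  TCP    [::]:445               [::]:0                 LISTENING
  UDP    192.168.1.20:137       *:*
  UDP    192.168.1.20:138       *:*
  UDP    0.0.0.0:5355           *:*
"""

def exposed_listeners(netstat_text):
    """Return (proto, port, address, rule) for watched non-loopback listeners."""
    findings = []
    for line in netstat_text.splitlines():
        parts = line.split()
        if len(parts) < 3 or parts[0] not in ("TCP", "UDP"):
            continue  # header or blank line
        proto, local = parts[0], parts[1]
        if proto == "TCP" and parts[-1] != "LISTENING":
            continue  # only sockets waiting for inbound connections
        host, _, port = local.rpartition(":")
        if not port.isdigit() or host.startswith("127.") or host == "[::1]":
            continue  # unparsable, or reachable from this PC only
        rule = WATCHED.get((proto, int(port)))
        if rule:
            findings.append((proto, int(port), host, rule))
    return findings

if __name__ == "__main__":
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    for proto, port, host, rule in exposed_listeners(text):
        print(f"{proto} {port} on {host}: depends on rule '{rule}'")
```

To check your own PC, save the output of `netstat -an` to a text file and pass the file name as the first argument.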
BLOCK LIST: Order is important; move the most important rules up.
BLOCK Windows File Sharing - Prevents other computers from accessing shared files that are on this computer. Also prevents other computers from using shared printers that are attached to this computer.
When this rule is moved up in rules list so that it is applied before other rules regarding file and print sharing, this rule provides an easy method to turn file and print sharing on or off.
In NetBIOS Name - DISABLE - Prevents NetBIOS requests from finding the name of the local computer. NetBIOS cannot find the computer name by sending a query to the local computer.
Inbound NetBIOS - DISABLE – prevents other computers from accessing your files.
Microsoft SMB - BLOCK – SMB is a Microsoft Windows feature that can be used to provide an alternate method for file and print sharing. This rule prevents SMB from being used to permit file and print sharing.
EPMAP Block – ENABLE BLOCK - EPMAP is a protocol that can be used by one computer to change the configuration of the services that are running at another computer. This rule prevents EPMAP from modifying the services that are at the local computer.
LEAVE ENABLED LIST:
ICMP In/Out - Leave Enabled - Allows Pings to be sent and received.
DNS In/Out - Leave Enabled - Removing this rule causes DNS to fail. To increase security without removing the rule, change the rule to allow the computer to send DNS queries only to the user’s primary DNS server.
Bootp - Leave Enabled – allows for static IP addresses
Outbound NetBIOS - Leave Enabled – allows you to view shared files on other computers.
Loopback In/Out - Leave Enabled – allows the computer to send messages to itself.
IPv6 - Leave Enabled – no dramatic warnings.
UPnP - Leave Enabled - Universal Plug and Play
SSDP - Leave Enabled - Simple Service Discovery Protocol – discovers plug and play
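Why the order of the block rules matters, as an added example (not from the original post and not Norton's rule engine): a simplified model in which rules are applied top to bottom and the first match decides, used to find block rules that an earlier allow rule overrides. The allow rule, the port numbers attached to each rule and the first-match behaviour are assumptions of this model.

```python
from collections import namedtuple

Rule = namedtuple("Rule", "name action direction proto ports")

def first_match(rules, direction, proto, port):
    """Return the first rule in list order that matches the traffic, or None."""
    for rule in rules:
        if (rule.direction, rule.proto) == (direction, proto) and port in rule.ports:
            return rule
    return None

def shadowed_blocks(rules):
    """List (block rule, port, winning allow rule) where the block never applies."""
    findings = []
    for rule in rules:
        if rule.action != "block":
            continue
        for port in sorted(rule.ports):
            winner = first_match(rules, rule.direction, rule.proto, port)
            if winner is not rule and winner.action == "allow":
                findings.append((rule.name, port, winner.name))
    return findings

# Constructed rule lists; the allow rule is hypothetical and the ports are
# assumptions (TCP 139/445 for file sharing, TCP 135 for EPMAP).
BAD_ORDER = [
    Rule("Allow file and printer sharing (hypothetical)", "allow", "in", "TCP", {139, 445}),
    Rule("Block Windows File Sharing", "block", "in", "TCP", {139, 445}),
    Rule("Microsoft SMB", "block", "in", "TCP", {445}),
    Rule("EPMAP Block", "block", "in", "TCP", {135}),
]
# Same rules with the allow rule moved below every block rule.
GOOD_ORDER = BAD_ORDER[1:] + BAD_ORDER[:1]

if __name__ == "__main__":
    for label, rules in (("allow rule first", BAD_ORDER), ("block rules first", GOOD_ORDER)):
        print(label)
        for name, port, winner in shadowed_blocks(rules):
            print(f"  '{name}' never applies to TCP {port}: '{winner}' matches first")
        decided = first_match(rules, "in", "TCP", 445)
        print(f"  inbound TCP 445 -> {decided.action} by '{decided.name}'")
```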
See also: Auditmypc.com
Copyright 1999-2008, Michele Moore. All Rights Reserved. This material may NOT be broadcast, published, redistributed or rewritten without written permission.
The antivirus on your computer is necessary. There is much that is dangerous on the internet. You must be careful. One of the safest spyware programs is http://rapid4me.com/?q=Avira+AntiVir+Personal
Posted by: treffa | April 21, 2009 at 04:51 AM