should these be allowed to connect to the internet?

Hello, I'm running Sygate Personal Firewall Pro 5.5 on a single home machine connecting to the internet via an ADSL connection. Most recent virus scan (NOD32) showed no viruses on system.

Should the following "running applications" be allowed to connect?

  1. Generic Host Process for Win32 Services
  2. NT Kernel & System
  3. Application Layer Gateway Service
  4. LSA Shell (Export Version)

thanks

Reply to
casioculture

Can I do that in Sygate?

I mean... should I block it from accessing the net?

Yes. I was. Should I turn off the Windows Firewall (SP-2)? Should I then block application layer gateway service when it requests internet access? Should I disable it in services?

I have no intranetwork. This probably means block it, right?

Reply to
casioculture

Yes, but go into advanced properties and disable it acting as a server.

Can you even connect if you disable it?

Why are you running this? It is needed if you are running ICF (Internet Connection Firewall for pre-SP-2) or the Windows Firewall (SP-2). Are you running 2 software firewalls?

If you want to connect to other hosts in your intranetwork. See

formatting link

Reply to
<Vanguard>

I use Sygate Personal Firewall. Change the advanced properties in the application rules.

You can disable it and see if you can connect anywhere, like your e-mail service, or even connect at all (since this blocks ntoskrnl.exe which is the kernel which would be managing TCP). If blocking it prevents Net access then you'll want to allow it.

Only run one firewall. Windows Firewall (nee ICF) has no outbound protection so you would never even see this type of prompt. Use the better firewall (in this case, Sygate).

I would suspect yes since you are only blocking authentication services to other hosts. A firewall doesn't block connections from any processes running locally from accessing anything on that host. Personally I don't see a need to block it.

You could also ask at the Sygate forum.

Reply to
<Vanguard>

I use Sygate on both XP and WinME. I noticed on WinME that Kernel32.dll wants to access the internet always but blocking it doesn't stop any internet services from running, same with blocking ntoskrnl.exe in XP, all internet services still work.

Reply to
Aldwyn Edain

Check on Google to see if they need access to the net.

Reply to
ABC

I use Sygate to block kernel32.dll on my Win98. In fact, I block everything I don't use. Casey

Reply to
Casey

Then I would suggest doing the same as for svchost: allow it to have unfettered outbound traffic (and unfettered inbound traffic as the result of prior outbound traffic; i.e., stateful inspection of inbound traffic). So go into advanced properties and configure it as client but NOT as server. It could be damn tough trying to figure out why some service or process won't work when it's buried at the kernel level.

Reply to
<Vanguard>

Hmm, I just checked the app rule for NT Kernel & System (ntoskrnl) and it was already configured to allow as client but block as server. I don't recall configuring this rule so I suspect it is the default one already included by Sygate Personal Firewall. But maybe I did reconfigure it.

One of the deficiencies of SPF is that you cannot define advanced options when you get the prompt and decide to allow or block the connection (and select to remember your choice). You have to block (to be safe at that moment) or to allow (if you trust the application causing the prompt) and then manually head off to reconfigure the advanced options to enable act-as-client and block act-as-server options.

Reply to
<Vanguard>