Norton Firewall Problems


ntl customer
09-01-2004, 00:31
Not sure if this goes in Computers or Internet, but I felt this was the most appropriate place seeing as it is a subforum for security issues.

I have Norton Personal Firewall 2001 and it has served me well for a good number of years, keeping this machine secure. However there has always been this annoying problem of the firewall closing ports or locking up completely and not allowing certain peer to peer software (WinMX is a problem) to open certain ports and requiring a complete system reboot to fix the problem.

Recently I have been trying to run a web server off my computer/DSL connection and have found that after a certain amount of time the port ends up getting closed and when you try and access it from the outside you cannot do so as the firewall is preventing communication between the application and external traffic. The only way to keep it alive is for me to visit the sites every few minutes. If it goes dead then the only way to fix the problem is to restart the server applications (whether it be IIS or Abyss webserver) manually which can be a pain.

This problem also happens if I try and set up an FTP server on my computer - the connection gets killed after a certain amount of time and it ceases to serve any data until I manually restart the service. As I am not always in front of my computer 24/7 I cannot always kill and restart the server application and sometimes the connection can appear to be dead for hours whilst I am at college or out somewhere.

How do I get this problem to stop and open a permanent hole in my firewall to allow external traffic in? There is a rule to permit inbound TCP traffic in on port 80 which IIS currently runs on, 8080 which Abyss runs on and 443 for the IIS SSL. It has always had the same problem regardless of whether I have both enabled or one enabled and one disabled. I also have moved the rule to the top of the rules table but it does not seem to have any effect.

I have used Zone Alarm in the past under Windows 98 but I found it to be unreliable, so please don't suggest that. I also do not particularly want to upgrade to any products above 2001 as they appear to be fairly bloated.

It is really starting to annoy me very much as I use the IIS to remotely retrieve big files from my computer from college that I cannot email because of restrictions on the size of the files - the integrated security makes it easier as I can just type the username and password I use to log on at home. The Abyss server is used for hosting files for public download on various forums which do not have an attachment feature on their software, as I currently do not have any webspace at the moment.

Does anybody have a solution for my problem? It is really starting to drive me nuts!!! :cry: :mad: :afire:

Stuartbe
09-01-2004, 16:10
I really hate to give you such a lame reply but ditch the software - Use kpf or sygate - anything but NIS, it's pants !!!

ntl customer
11-01-2004, 18:49
I really hate to give you such a lame reply but ditch the software - Use kpf or sygate - anything but NIS, it's pants !!!
Ditch it? :eek:

I personally think NPF has done a good job, but this problem is a real pain in the rear end. What other firewalls are there that are good and have similar features to NPF (e.g. web site logging, connection logging, popup blocking and firewalling all in one without the bloat)? I also have lots of websites configured in NPF to block/allow popups and to transfer it all over sounds like a mammoth task.

:(

abailey152
14-01-2004, 22:50
Not sure if this goes in Computers or Internet, but I felt this was the most appropriate place seeing as it is a subforum for security issues.

I have Norton Personal Firewall 2001 and it has served me well for a good number of years, keeping this machine secure. However there has always been this annoying problem of the firewall closing ports or locking up completely and not allowing certain peer to peer software (WinMX is a problem) to open certain ports and requiring a complete system reboot to fix the problem.

<SNIP>

Does anybody have a solution for my problem? It is really starting to drive me nuts!!! :cry: :mad: :afire:
NIS has the habit of blocking ALL access to/from an IP address for 30 minutes if it sees that address has "attacked" your machine. This is what may be happening in your case. Rebooting resets the block.

You need to find the IP address of the remote system, then check your logs to see if a specific attack has been monitored. Find why the blocking action was taken.

If it is a Trojan Rule that is causing it, you need to check what traffic is coming in on what ports from the remote system. They may be using ports which are used by a particular Trojan, and this is giving a false positive. If so, you need to edit the relevant Trojan Rule to permit traffic from the specific IP address the remote system uses.

If anything other than a Trojan Rule is causing the blocking action, then this can be overcome by writing a new Firewall Rule. Again, you need to know the IP address of the remote, and what local ports are being affected. A way I use is to write a temporary rule that allows everything on all ports in/out from/to anyone. Set this rule to be logged or monitored. Run the offending app or start your FTP server and try to access it, whichever you are fixing (do this one step at a time or the logs will be VERY confusing). Then either remove or disable the new rule (as this opens up your system!), then check the logs. You should see what traffic is running on what ports. You can then use this info to write the new rule. Repeat this procedure for each issue.

Once you've created the new rules, all should be okay. It's just a balance between security and functionality!

Hope this helps :)
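
An added example, not part of the post above: one way to turn the connection log captured while the temporary allow-all rule was on into narrow rule candidates, keeping only the ports the service being fixed actually needs and listing everything else for review. The log layout, sample lines and function names are constructed for illustration; Norton's real log format is not shown on this page.

```python
import re
from collections import defaultdict

# Constructed sample in a made-up log layout (not Norton's real format):
# time, direction, protocol, remote ip:port, local port.
SAMPLE_LOG = """\
18:01:50 IN TCP 192.0.2.44:3301 local:80
18:02:11 IN TCP 203.0.113.7:41022 local:21
18:02:12 OUT TCP 203.0.113.7:41023 local:20
18:02:15 IN TCP 203.0.113.7:41030 local:21
18:02:40 IN UDP 198.51.100.9:5121 local:137
-- log rotated --
18:09:00 IN TCP 198.51.100.9:5200 local:21
"""

LINE_RE = re.compile(
    r"^(\d\d:\d\d:\d\d) (IN|OUT) (TCP|UDP) (\d+(?:\.\d+){3}):\d+ local:(\d+)$")

def summarize(log_text, start, end):
    """Group traffic logged inside the test window by (direction, proto, local port)."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip lines that are not connection records
        when, direction, proto, remote_ip, port = m.groups()
        if start <= when <= end:  # HH:MM:SS strings sort chronologically
            seen[(direction, proto, int(port))].add(remote_ip)
    return dict(seen)

def candidate_rules(summary, service_ports):
    """Split observed flows into rules the service needs and traffic to review."""
    rules, review = [], []
    for (direction, proto, port), ips in sorted(summary.items()):
        for ip in sorted(ips):
            entry = f"{direction} {proto} local port {port} remote {ip}"
            if port in service_ports:
                rules.append("permit " + entry)
            else:
                review.append(entry)  # seen during the window, but not the service
    return rules, review

if __name__ == "__main__":
    # Window = the minutes the temporary allow-all rule was enabled.
    flows = summarize(SAMPLE_LOG, "18:02:00", "18:03:00")
    rules, review = candidate_rules(flows, service_ports={20, 21})
    print("\n".join(rules))
    print("Not added, review first:", review)
```

Traffic that showed up during the window but is not on the service's ports (the UDP 137 line in the sample) lands in the review list instead of becoming a permit rule, which keeps the permanent hole as small as the temporary one was wide.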

Stuartbe
14-01-2004, 23:19
Ditch it? :eek:

I personally think NPF has done a good job, but this problem is a real pain in the rear end. What other firewalls are there that are good and have similar features to NPF (e.g. web site logging, connection logging, popup blocking and firewalling all in one without the bloat)? I also have lots of websites configured in NPF to block/allow popups and to transfer it all over sounds like a mammoth task.

:(

Kerio personal firewall will give you everything that NIS will and use less memory!!!

Stardust
20-01-2006, 19:11
<mod edit: Chris W>spammer banned....

address harvesters see Stardust@mebs.us :)

Paul K
20-01-2006, 19:20
Want to bump many more old threads with the same post?

patrickp
20-01-2006, 22:57
...I also do not particularly want to upgrade to any products above 2001 as they appear to be fairly bloated...


I find it curious that you should say this and yet you use Norton? :-)