AVIRA PREMIUM SECURITY SUITE - FIREWALL 07-2009, FIREWALL PREMIUM SECURITY SUITE User Manual

HowTo
Firewall Avira Premium Security Suite
Avira Support
July 2009
Contents
1. BASIC KNOWLEDGE ABOUT THE FIREWALL
2. EXPLANATION OF THE TERMS
3. CONFIGURATION POSSIBILITIES
3.1.1 Block all
3.1.2 Custom
3.1.3 High
3.1.4 Medium
3.1.5 Low
3.2.1 Adapter rules
3.2.1.1 Incoming Rules
3.2.1.2 Outgoing rules
3.2.2 Application rules
3.2.2.1 Add application
3.2.2.2 Application settings
3.2.3 Trusted vendors
3.2.3.1 Trusted vendors for user
3.2.3.2 Automatically allow applications created by trusted vendor
3.2.3.3 Vendors
3.2.3.4 Remove
3.2.3.5 Reload
3.2.4 Settings
3.2.4.1 Automatic rule timeout
3.2.4.2 Advanced options
3.2.4.3 Notifications
3.2.4.4 Application rules
3.2.5 Pop-up settings
3.2.5.1 Pop-up settings
3.2.5.2 Remember action for this application
3.2.5.3 Show details
3.2.5.4 Allow privileged
4. GENERAL INFORMATION ABOUT PARENTAL CONTROL
4.3.1 Properties of the role
5. CHANGING THE UPDATE INTERVALS
1. Basic Knowledge about the Firewall
A firewall works with network protocols such as TCP, UDP, IP, etc.
A simple example is the establishment of a connection, also called the handshake procedure. This example shows how communication between two computers on the Internet is established.
Computer A sends a packet with the information that it wants to establish a connection to computer B.
Computer B answers that it is ready.
Computer A confirms the answer of computer B.
The connection between computers A and B is now established and the data exchange can begin.
2. Explanation of the terms
TCP:
The Transmission Control Protocol (TCP) is an agreement (protocol) about the way in which computers exchange data.
UDP:
The User Datagram Protocol (UDP) is a minimal connectionless network protocol. To deliver data sent with UDP to the right program on the target computer, so-called ports are used. The port number of the service the data belongs to is therefore sent as well. Additionally, UDP offers an integrity check by sending a checksum, so that an incomplete transmission can be detected.
Flooding:
Flooding is a kind of overload in a network caused by packets. Flooding can paralyze data transmission in a network (or on a single computer), because the computer or the network is swamped by a mass of requests and can no longer react. You can compare this to a traffic jam on a freeway.
Ports:
A port can be compared to a house number. The difference is that a house, here a computer, can have several numbers. A port is the part of an address that assigns an arriving packet to an application.
Example: Port 110 is responsible for the POP3 service and provides access to the e-mail server. Special applications use port numbers which are permanently assigned by IANA and are generally known. Usually these ports are numbered from 0 to 1023 and are called Well Known Ports. Producers of applications can register ports for their own protocols if necessary, similar to domain names. Registering a port has the advantage that an application can be identified by its port number, but only if the application uses the IANA-registered port. The rest of the ports, from port number 49152 to 65535, are so-called Dynamic and/or Private Ports. You can find further information on the following website:
http://www.iana.org/assignments/port-numbers
Port scan:
Port scans are executed in order to find open ports on a computer. If a computer provides a server service to others, it opens a TCP port, a UDP port, both, or several ports. A web server has to open port 80. A port scan finds out which ports are open on the computer. To see which ports are actually open on your computer, you can run a test on the following website:
http://www.port-scan.de/index2.php
IP:
In order to connect to a computer, the Internet Protocol (IP) identifies it by a unique IP address. If you send a letter to a friend, you have to write the street and the city on it. The IP address has the same function.
Host File:
Sometimes the host file is used to block known web servers by mapping them to the local host (127.0.0.1), so that all requests to them are sent to your own system. The special feature of this method is that the block applies to the whole system and is not limited to the browser, as web filters are. Furthermore, you can use such entries against some malware programs if they try to fetch commands from already known servers.
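To check which names a host file actually blocks in this way, the file can be parsed as in the following added example (not part of the original manual; the sample content and all host names in it are constructed placeholders):

```python
import ipaddress

# Constructed sample in hosts-file syntax; all host names are placeholders.
SAMPLE_HOSTS = """\
# address      host name(s)
127.0.0.1      localhost
127.0.0.1      ads.example.net tracker.example.net   # blocked on purpose
127.0.0.1      C2.Example.ORG
192.0.2.10     intranet.example.com
::1            localhost
garbage-line-without-address
"""

# Names that legitimately point at the local machine and are not "blocks".
LOCAL_NAMES = {"localhost", "localhost.localdomain"}


def blocked_hosts(hosts_text):
    """Return the host names that the hosts file redirects to the local system."""
    blocked = set()
    for raw in hosts_text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments and blank lines
        if not line:
            continue
        address, *names = line.split()           # one address, one or more names
        try:
            ip = ipaddress.ip_address(address)
        except ValueError:
            continue                             # not a valid mapping line
        if ip.is_loopback:                       # 127.0.0.0/8 or ::1
            blocked.update(n.lower() for n in names
                           if n.lower() not in LOCAL_NAMES)
    return blocked


def is_blocked(hostname, hosts_text):
    # The hosts file matches whole names only: an entry for ads.example.net
    # does not cover www.ads.example.net.
    return hostname.lower().rstrip(".") in blocked_hosts(hosts_text)


if __name__ == "__main__":
    for name in sorted(blocked_hosts(SAMPLE_HOSTS)):
        print("redirected to local host:", name)
```
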
URL:
Uniform Resource Locators (URLs) are a kind of Uniform Resource Identifier (URI). URLs identify and locate a resource via the network protocol used (e.g. HTTP or FTP) and the location of the resource in computer networks. As URLs are the first and most frequent kind of URI, the terms are often used as synonyms. In colloquial language, URL is frequently used as a synonym for Internet addresses such as www.avira.com.
Slide-Up:
A slide-up is a small window which slowly appears at the top right or bottom right of your screen and disappears after an interaction or after some time.
3. Configuration Possibilities
3.1 Security Level
First you have to decide which security level you want to use. A security level which is too high might cause some system functions to malfunction. With a security level which is too low, you run the risk that not all accesses to your computer are blocked.
In general: if the PC is not connected to a local network and no network-compatible device (e.g. a network printer) is located near the PC, the security level can be “High”. That means the computer is invisible in the network. Furthermore, connections from outside are blocked, and flooding and port scans are prevented. This is the default setting after the installation of the Avira Premium Security Suite.
If the PC is located in a network environment or should access network devices such as a network printer, the security level should be set to “Medium”. “High” might block the network printer or fail to recognize it, as the firewall does not know that a printer is available.
Please proceed as follows:
Start the Avira AntiVir Control Center
You can start it with a left double click on the umbrella symbol. The tray icon is located in the task bar, at the bottom right next to the system time.
Open the section “Online protection”
The section is opened with a left mouse click on “Online protection”, which is located on the left side of the Control Center.
Open firewall settings
A click on “Firewall” in the submenu of “Online protection” opens the configuration of the Avira Firewall. This menu appears on the right side in the main window of the Control Center.
Adjusting the Security Level of the Firewall
By clicking and holding the security level slider you can adjust the security level. The possible levels are “Low”, “Medium”, “High”, “Custom” and “Block all”. You can find a description of each level directly to the right of the slider.
Please choose the level “Medium” if any problems occur with network printers, removable hard disks or similar network connections.
3.1.1 Block all
All network connections are blocked.
3.1.2 Custom
You can choose user-defined rules in the configuration (see chapter 3.2 Configuration).
3.1.3 High
The computer is invisible in the network and connections coming from outside are blocked. Flooding and port scans are prevented.
3.1.4 Medium
In comparison to the firewall setting “High”, the computer is visible in the network and receives TCP and UDP requests. These requests are refused. TCP and UDP packets which are received unexpectedly are neither processed nor accepted. Flooding and port scans are prevented.
Problems with the network can also occur at the level “Medium”. In this case you should change the level to “Low”. The presets are more differentiated at the security level “Medium”. That means that with “Medium” some TCP and UDP packet requests are recognized and forwarded automatically. Others are refused.
3.1.5 Low
The level “Low” also offers you the protection of the Avira Firewall. Flooding and port scans are not prevented, only detected. These are the most frequent methods for finding vulnerabilities on your computer.
If these settings are not sufficient for you, or you have to open different ports for an application, you can find further configuration options in chapter 3.2 Configuration.
3.2 Configuration
Click with the right mouse button on the tray icon in the task bar and choose the item “Configure AntiVir”. You can also start the configuration via the Avira Control Center by opening the Control Center and clicking on “Configuration” at the top right, by pressing F8, or via Extras –> Configuration.
In the configuration you can find the button “Firewall” on the left side. Activate the expert mode in order to have access to all possible settings. Here you can configure the adapter rules, the application rules, trusted vendors, general settings and pop-up settings.
3.2.1 Adapter rules
Each hardware entity (e.g. a network interface card) and each hardware entity which is simulated by software (e.g. Miniport, Bridge Connection, etc.) is seen as an adapter. The Avira Firewall shows the adapter rules for all adapters which exist on your computer and for which a driver is installed.
A predefined adapter rule depends on the security level. You can change the security level via the Avira Control Center as described in chapter 3.1, or change the adapter rules as you want. After you have changed the adapter rules, the security level slider of the firewall is set to “Custom”.
3.2.1.1 Incoming Rules
Incoming rules help to control the incoming data traffic with the Avira Firewall.
Example:
You want to add the IP address 10.40.30.20.
If you click on “Add rule”, a window opens with different predefined rules. There you choose “IP” and confirm with “OK”.
In your “Incoming rules” you can now find the item “Incoming IP rule”. Select this item. You can also rename it. You can now enter the IP address and its mask into the marked box below and allow or block it. You can also decide whether the packet should be written to the log file or not.
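The mask entered together with the IP address decides how many source addresses the rule covers. The following added example (not part of the original manual and not Avira's code; the first-match evaluation, the default action "block" and the log format are assumptions made for illustration) compares the address 10.40.30.20 with two different masks:

```python
import ipaddress
from dataclasses import dataclass


@dataclass
class IpRule:
    name: str
    address: str
    mask: str
    action: str           # "allow" or "block"
    log: bool = False

    def network(self):
        # strict=False accepts a rule address with host bits set (10.40.30.20
        # with mask 255.255.255.0). A non-contiguous mask such as
        # 255.255.0.255 raises ValueError.
        return ipaddress.IPv4Network(f"{self.address}/{self.mask}", strict=False)

    def matches(self, source):
        return ipaddress.IPv4Address(source) in self.network()


def coverage(rule):
    """Number of source addresses the rule applies to."""
    return rule.network().num_addresses


def evaluate(rules, source, default="block"):
    """Return (action, log_lines) for a packet from `source` (first match wins)."""
    log_lines = []
    for rule in rules:
        if rule.matches(source):
            if rule.log:
                log_lines.append(f"{rule.action.upper()} {source} by '{rule.name}'")
            return rule.action, log_lines
    return default, log_lines


# Constructed rule sets: the same address, once with a host mask, once with a /24 mask.
HOST_ONLY = [IpRule("Incoming IP rule", "10.40.30.20", "255.255.255.255", "allow", log=True)]
WHOLE_SUBNET = [IpRule("Incoming IP rule", "10.40.30.20", "255.255.255.0", "allow", log=True)]

if __name__ == "__main__":
    for label, rules in (("host mask", HOST_ONLY), ("/24 mask", WHOLE_SUBNET)):
        print(label, "covers", coverage(rules[0]), "address(es)")
        for src in ("10.40.30.20", "10.40.30.99", "10.40.31.20"):
            print("  ", src, "->", evaluate(rules, src)[0])
```

With the mask 255.255.255.255 only 10.40.30.20 itself is allowed; with 255.255.255.0 every address from 10.40.30.0 to 10.40.30.255 is allowed.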
3.2.1.2 Outgoing rules
Outgoing rules help to control the outgoing data traffic with the Avira Firewall. You can define an outgoing rule for the following protocols: IP, ICMP, UDP and TCP. To enter settings for the “Outgoing rules”, proceed in the same way as for the settings of the “Incoming rules”.
Examples:
Peer to Peer
If you use e.g. interchange systems, file systems or file sharing systems, you can use the default templates. You only have to enable the needed TCP and UDP ports.