McAfee Firewall version 3.0 User Manual

McAfee Firewall
VERSION 3.0
GETTING STARTED
COPYRIGHT
© September 2001 Networks Associates Technology, Inc and its Affiliated Companies. All Rights Reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form or by any means without the written permission of Network Associates, Inc.
Active Security, Activehelp, Activeshield, Antivirus Anyware And Design, Bomb Shelter, Building A World Of Trust, Certified Network Expert, Clean-up, Cleanup Wizard, Cloaking, Cnx, Cnx Certification Certified Network Expert And Design, Cybercop, Cybermedia, Cybermedia Uninstaller, Data Security Letter And Design, Design (Logo), Design (Rabbit With Hat), Design (Stylized N), Disk Minder, Distributed Sniffer System, Distributed Sniffer System (In Katakana), Dr Solomon's, Dr Solomon's Label, Enterprise Securecast, Ez Setup, First Aid, Forcefield, Gauntlet, Gmt, Groupshield, Guard Dog, Helpdesk, Homeguard, Hunter, I C Expert, Isdn Tel/scope, Lan Administrature Architecture And Design, Langura, Languru (In Katakana), Lanwords, Leading Help Desk Technology, Lm1, M And Design, Magic Solutions, Magic University, Magicspy, Magictree, Magicword, Mc Afee Associates, Mcafee, Mcafee (In Katakana), Mcafee And Design, Netstalker, Mcafee Associates, Moneymagic, More Power To You, Multimedia Cloaking, Mycio.com, Mycio.com Design (Cio Design), Mycio.com Your Chief Internet Officer & Design, Nai And Design, Net Tools, Net Tools (And In Katakana), Netcrypto, Netoctopus, Netroom, Netscan, Netshield, Netstalker, Network Associates, Network General, Network Uptime!, Netxray, Notesguard, Nuts & Bolts, Oil Change, Pc Medic, Pc Medic 97, Pcnotary, Pgp, Pgp (Pretty Good Privacy), Pocketscope, Powerlogin, Powertelnet, Pretty Good Privacy, Primesupport, Recoverkey, Recoverkey ­International, Registry Wizard, Reportmagic, Ringfence, Router Pm, Salesmagic, Securecast, Service Level Manager, Servicemagic, Smartdesk, Sniffer, Sniffer (In Hangul), Sniffmaster, Sniffmaster (In Hangul), Sniffmaster (With Katakana), Sniffnet, Stalker, Stalker (Stylized), Statistical Information Retreival (Sir), Supportmagic, Telesniffer, Tis, Tmach, Tmeg, Total Network Security, Total Network Visibility, Total Service Desk, Total Virus Defense, Trusted Mach, Trusted Mail, Uninstaller, Virex, Virus Forum, Viruscan, Virusscan, Vshield, Webscan, Webshield, Websniffer, Webstalker, Webwall, Who's Watching Your Network, Winguage, Your E-business Defender, Zac 2000, Zip Manager are registered trademarks
of Network Associates, Inc. and/or its affiliates in the US and/or other countries. All other registered and unregistered trademarks in this document are the sole property of their respective owners. ©2001Networks Associates Technology, Inc. All Rights Reserved.
Issued September 2001 / Getting Started v3.0
McAfee Perpetual End User License Agr eement - United Stat es of America
NOTICE TO ALL USERS: CAREFULLY READ T HE FOLLOWING LEGAL AGR EEMENT ("AGREEMENT"), FOR THE LICENSE OF SPECIFIED SOFTWARE ("SOFTWARE") PRODUCED BY NETWORK ASSOCIATES, INC. ("McAfee"). BY CLICKING THE ACCEPT BUTTON OR INSTALLING THE SOFTWARE, YOU (EITHER AN INDIVIDUAL OR A SINGLE ENTITY) CONSENT TO BE BOUND BY AND BECOME A PARTY TO THIS AGREEMENT. IF YOU DO NOT AGREE TO ALL OF THE TERMS OF THIS AGREEMENT, CLICK THE B UT TON THAT INDICATES THAT YOU DO NOT AC CEPT THE TERMS OF T HIS AGREEMENT AND DO NOT INSTALL THE SOFTWARE. (IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO THE PLACE OF PURCHASE FOR A FULL REFUND.)
1. License Grant. Subject to the payment of the applicable license fees, and subject to the terms and conditions of this
Agreement, McAf ee hereby grants to you a non-exclu sive, non-transferable right to u se one copy of the specified version of the Software and the accompanying documentation (the "Documentation"). You may install one copy of the Software on one compute r, work station, person al dig ital assi stant, p ager, "sm art phone " or o ther elec tronic device for which the Software was de signed (each, a "Client Device"). If the Software is licensed as a suite or bundle wi th more than one specified Software product, this license applies to all such specified Software products, subject to any restrictions or usage terms specified on the applicable price list or product packaging that apply to any of such Software products individually.
a. Use. The Software is licensed as a single product; it may not be used on more than one Client Device or by
more than one us er at a ti me, except as set f orth in this Sect ion 1. T he Softwar e is "in use" on a C lient De vice when it is loade d into the te mporar y memory (i .e., rando m-acces s memory o r RAM) or ins talled in to the permanent memory (e.g., hard disk, CD-ROM, or other storage device) of that Client Device. This license authorizes you to make one copy of t he Softw are solel y for b ackup or archi val p urposes, provid ed tha t the copy you make contains all of the Softwa re's proprietary notices unalter ed and unobstructed.
b. Server-Mode Use. You may use the Software on a Client Device as a server ("Server") within a multi-user
or networked environ ment ("Server-Mode") only if such use is p ermitted in the applicable price l ist or product packaging for the Software. A separate license is required for each Client Device or "seat" that may connect to the Server at any time, regardless of whether such licensed Client Devices or seats are concurrently connect ed to, accessi ng or using th e Software . Use of softwar e or hardwar e that reduc es the number of Client De vices or seats directly accessing or utilizing th e Software (e.g., "multiplexing" or "pooling" software or hardware) does not reduce the number of licenses required (i.e., the required number of licenses would equ al the num ber of d istinct input s to the mult iplexing o r pooling software or hardware "front end"). If the number of Client Devices or seats that can connect to the Software can exceed the number of licenses you have ob tained, then yo u must have a reasona ble m echani sm in place to ensure tha t your use of the Softw are do es n ot exce ed the use lim its spe cified f or the lice nses you have obtai ned. Thi s license authorizes you to make or downl oad one copy of the Doc um entation for each Clie nt D evice or seat that is licensed, provided that each such copy contains all of the Documentation's proprietary notices unaltered and unobstr ucted.
c. Volume License Use. If the Soft ware is licen sed with volume license terms specified in th e applicable
product invoicing or product packaging for the Software, you may make, use and install as many additional copies of the Software on the number of Client Devices as the volume license terms specify. You must have a reasonable mech anism in place to ensure that the number of C lient Devices on w hich the Software has been installed does not ex ceed the number of licenses you have obta ined. This license aut horizes you to make or download on e copy of the Documentation for each additional copy authorized by the vol ume license, provided that each such copy contains all of the Documentation's proprietary notices unaltered and unobstructed.
2. Term. This Agreement is effective for an unlimited duration unless and until earlier terminated as set forth herein. This
Agreement will termi nate automa tically i f you fail to comply wi th any of the limitatio ns or othe r requireme nts descri bed herein. Upon any termination or expiration of this Agreement, you must cease use of the Software and destroy all copies of the Software and the Docu mentation.
Getting Started iii
3. Updates. For the time period specified in the applicable product invoicing or product packaging for the Software, you
are entitled to download revisions or updates to the Software when and as McAfee publishes them via its electronic bulletin board system , we bsite or t hro ugh ot her on line ser vice s. For a peri od of n inet y (90) d ay s from t he da te of t he of original pur chase of the So ftwar e, you are enti tled to downlo ad one ( 1) re visio n or upg rade to the Soft ware wh en and as McAfee publishes it via its electronic b ulletin board system , website or throu gh other online servi ces. After the specified time period, you have no further rights to receive any revisions or upgrades without purchase of a new license to the Software.
4. Ownership Rights. The Software is p rotected by United S tates copyright laws a nd international tre aty provisions.
McAfee and its suppliers own and retain all right, title and interest in and to the Software, including al l copyrights, patents, trade secret right s, tradem ark s and o ther i ntelle ctual proper ty rig hts th erein . You r po ssession, in stallatio n, or use of the Software does not transfer to you any title to the intellectual property in the Software, and you will not acquire any rights to the Software except as expressly set forth in this Agreement. All copies of the Software and Documentation m ade hereunder must cont ain the same proprietar y notices that appear on an d in the Software and Documentation.
5. Restrictions. You ma y not sell, lease, license, rent, loan or otherwise tr ansfer, with or without consi deration, the
Software. You shall n ot di sclose the resul ts of an y b enchma rk te st tha t you ma ke of t he Soft ware to any th ird parti es without McAfee' prior written conse nt. Customer agrees not to permit an y third party (other than third parties und er contract with Customer whic h cont ains non disclosure obligat ions no less restr ictive tha n those set forth here in) to use the Licensed Program in any form and shall use all reasonable efforts to ensure that no improper or unauthorized use of the Licensed Program is made. You may not permit third parties to benefit from the use or functionality of the Software via a timesharing, service bureau or other arrangement, except to the extent such use is specified in the applicable list price or product pa ckaging for the Software. You may not tra nsfer any of the rights granted to you under this Agreement. You may not reverse engineer, decompile, or disassemble the Software, except to the extent the foregoing restriction is expressly prohi bited by applicable law. You may not mo dify, or create derivative wo rks based upon, the Software in whole o r in part. You ma y not copy the Softwa re or Documentation except as expressly pe rmitted in Section 1 above. You ma y no t remove any p roprie tary noti ces or la bels on the So ftware . All rig hts not expre ssly set forth hereunder are reserved by McAfee.
6. Warranty and Disclaimer.
a. Limited Warranty. McAfee warrants that for sixty (60) days from the date of original purchase the media
(e.g., diskettes) on which the Software is contained will be free from defects in materials and workmanship.
b. Customer Remedies. McAfee's and its suppliers' entire liability and your exclusive remedy for any breach
of the foregoing war ranty shall be , at McAfe e's option, either (i ) return of t he purchase pri ce paid fo r the license, if any, or (ii) replacement of the defective media in which the Software is contained. You must return the defective media to McAfee at your expense with a copy of your receipt. This limited warranty is void if the defect has re sulted from accident, abuse, or mi sapplication. Any replacement m edia will be warranted for the remainder of the original warranty period. Outside the United States, this remedy is not available to the extent McAfee is subject to restrictions under United States export control laws and regulations.
c. Warranty Disclai mer. Except for the limi ted warra nty set fo rth herei n, THE SOFTWARE IS PROVIDED
"AS IS." TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, MCAFEE DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT WITH RESPECT TO THE SOFTWARE AND THE ACCOMPANYING DOCUMENTATION. YOU ASSUME RESPONSIBILITY FOR SELECTING THE SOFTWARE TO ACHIEVE YOUR INTENDED RESULTS, AND FOR THE INSTALLATION OF, USE OF, AND RESULTS OBTAINED FROM THE SOFTWARE. WITHOUT LIMITING THE FOREGOING PROVISIONS, MCAFEE MAKES NO WARRANTY THAT THE SOFTWARE WILL BE ERROR-FREE OR FREE FROM INTERRUPTIONS OR OTHER FAILURES OR THAT THE SOFTWARE WILL MEET YOUR REQUIREMENTS. SOME STATES AND JURISDICTIONS DO NOT ALLOW LIMITATIONS ON IMPLIED WARRANTIES, SO THE ABOVE LIMITATION MAY NOT APPLY TO YOU. The foregoing provisions shall be enforceable to the maximum extent permitted by applicable law.
iv McAfee Firewall
7. Limitation of Liability. UNDER NO C IRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER IN
TORT, CONTRACT, OR OTHERWISE, SHALL MCAFEE OR ITS SUPPLIERS BE LIABLE TO YOU OR TO ANY OTHER PERSON FOR ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR FOR ANY AND ALL OTHER DAMAGES OR LOSSES. IN NO EVENT WILL MCAFEE BE LIABLE FOR ANY DAMAGES IN EXCESS OF THE LIST PRICE MCAFEE CHARGES FOR A LICENSE TO THE SOFTWARE, EVEN IF MCAFEE SHALL HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THIS LIMITATION OF LIABILIT Y SHALL NOT APPLY TO LIABILITY FOR DEATH OR PERSONAL INJURY TO THE EXTENT THAT APPLICABLE LAW PROHIBITS SUCH LIMITATION. FURTHERMORE, SOME STATES AND JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THIS LIMITATION AND EXCLUSION MAY NOT APPLY TO YOU. T he foregoing provisions shall be enforceable to the maximum extent pe rm it te d by a pplicable law.
8. United States Government. The Software and accompanying Documentation are deemed to be "commercial
computer software" and "commercial computer software documentation," respectively, pursuant to DFAR Section
227.7202 and FAR Se ction 12.212, as ap pli ca bl e. Any use, modifica ti on, reproduction, rele ase, performance, di splay or disclosure of the Software and ac compan ying Doc umentati on by th e Unite d States Governme nt shall b e govern ed solely by the terms of this Ag reem ent a nd shall be prohib ited e xcep t to the e xtent expre ssly perm itt ed by th e terms of this Agreement.
9. Export Controls. You are advised that the So ftware is subj ect to the U .S. Export Adm inistration Regulatio ns. You
shall not export, import or transfer Software contrary to U.S. or other applicable laws, whether directly or indirectly, and will not cause, approve or otherwise facilitate others such as agents or any third parties in doing so. You represent and agrees that neither the United States Bureau of Export Administration nor any other federal agency has suspended, revoked or denied your export privileges. You agree not t o use or transfer the Software for end use rel ating to any nuclear, chemical or biological weapons, or missile technology unless authorized by the U.S. Government by regulation or specific license. Ad ditionally, you acknowledg e that the Software is subject to exp ort control regulations in the European Union and yo u here by decl are a nd ag ree t hat t he Soft ware wil l not be use d for a ny other purpose than c ivil (non-military) purposes. The parties agree to cooperate with each other with respect to any application for any required licenses and approval s, ho w ev er, you acknowledge it is your ultimat e re sponsi bi li ty to comply with any and all export and import laws and that McAfee has no further responsibility after the initial sale to you within the original country of sale.
10. High Risk Activities. The Software is not fault-tolerant and is not designed or intended for use in hazardous
environments requiring fail-safe performance, including without limitation, in the operation of nuclear facilities, aircraft navigation or communication systems, air traffic control, weapons systems, direct life-support machines, or any other application in which the failure of the Software could lead directly to death, personal injury, or severe physical or property damage (c oll e ctively, "High Risk Ac t ivi ties"). McAfee expressly disclaims any expres s or implied warranty of fitness for High Risk Activities.
11. Miscellaneous. This Agreement is governed by the laws of t he United St ates and the St ate of Californi a, without
reference to conflict of laws principles. The application of the United Nations Convention of Contracts for the International Sale of Goods is expressly excluded. This Agreement sets forth all rights for the user of the Software and is the entire agreement between the parties. McAfee reserves the right to periodically audit you to ensure that you are not using any Software in violatio n of this Agreement. During your sta ndard business hours and upon prior w ritten notice, McAfee m ay vi sit you an d you wi ll ma ke a vail able to M cAfee or its rep rese ntativ es an y r ecord s pert aini ng to the Software to McAfe e. T he cost of any requested audit will be solely borne by McAfee, unless such audit di scl ose s an underpayment or a m ount due to McAfee in exce ss of five percent (5%) of the initi al li cense fee for the Software or you are using the Software in an unauthorized manor, in which case you shall pay the cost of the audit. This Agreement supersedes any other co mmuni cations with respect t o the Softw are and Doc ument ation. Thi s Agreeme nt may not be modified except by a written ad dendum issue d by a duly au thorized re presentative of McAfee. No provision here of shall be deemed waived unless such waiver shall be in writing and signed by McAfee or a duly authorized representative of McAfee. If any prov ision of t his Agreem ent i s held i nvali d, th e rem ainder of t his Agreem en t shall c ontin ue in ful l force and effect. The parties confirm that it is the ir wish that this Agreeme nt has been written in the Engli sh la nguage only.
Getting Started v
12. MCAFEE CUSTOMER CONTACT. If you have any questions co ncerning these t erms and conditions, or if you
would like to contact McAfee for any other reason, please call (408) 988-3832, fax (408) 970-9727, or write: Network Associates, Inc., McAfee Software Division, 3965 Freedom Circle, Santa Clara, California 95054. http://www.nai.com.
McAfee Perpetual End User License Agr eement - Canada
NOTICE TO ALL USERS: CAREFULLY READ THE FOLLOWING LEGAL AGREEMENT ("AGREEMENT"), FOR THE LICENSE OF SPECIFIED SOFTWARE ("SOFTWARE") BY NETWORK ASSOCIATES INTERNATIONAL B.V. ("McAfee"). BY CLICKING THE ACCEPT BUTTON OR INSTALLING THE SOFTWARE, YOU (EITHER AN INDIVIDUAL OR A SINGLE ENTITY) CONSENT TO BE BOUND BY AND BECOME A PARTY TO THIS AGREEMENT. IF YOU DO NOT AGREE TO ALL OF THE TERMS OF THIS AGREEMENT, CLICK THE B UT TON THAT INDICATES THAT YOU DO NOT AC CEPT THE TERMS OF T HIS AGREEMENT AND DO NOT INSTALL THE SOFTWARE. (IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO THE PLACE OF PURCHASE FOR A FULL REFUND.)
1. License Grant. Subject to the payment of the applicable license fees, and subject to the terms and conditions of this
Agreement, McAf ee hereby grants to you a non-exclu sive, non-transferable right to us e one copy of the specified version of the Software and the accompanying documentation (the "Documentation"). You may install one copy of the Software on one compute r, work station, person al digit al assistant , pager, "smar t phone" or o th er electro nic de vice for which the Software was d esigned (each, a "Clien t D evice"). If the Software is licensed as a s u ite or bundle w ith more than one specified Software product, this license applies to all such specified Software products, subject to any restrictions or usage terms specified on the applicable price list or product packaging that apply to any of such Software products individually which you acknowledge you have received and read.
a. Use. The Software is licensed as a single product; it may not be used on more than one Client Device or by
more than one us er at a ti me, except as set f orth in this Sect ion 1. T he Softwar e is "in use" on a C lient De vice when it is loade d into the t emporar y memory (i .e., rando m-acces s memory or RAM) or ins talled in to the permanent memory (e.g., hard disk, CD-ROM, or other storage device) of that Client Device. This license authorizes you to make one cop y of the Softw are sol ely for b ackup or ar chival p urpo ses, prov ided that t he copy you make contains all of the Software's proprietary notices unaltered and unobstructe d.
b. Server-Mode Use. You may use the Software on a Client Device as a server ("Server") within a multi-user
or networked environ ment ("Server-Mode") only if such use is permitted in the applicable pric e list or product packaging for the Software which you acknowledge you have received and read. A separate license is required for eac h Client De vice or " seat" th at may c onnect to the Serve r at any t ime, reg ardles s of whethe r such licensed Client Devices or seats are concurrently connected to, accessing or using the Software. Use of software or hardware that reduces the number of Client Devices or seats directly accessing or utilizing the Software (e.g., "mul tiplexing" or "pool ing" software or hard ware) doe s not re duce th e number of lice nses required (i.e., the required number of licenses would equal the number of distinct inputs to the multiplexing or pooling software or hardw are "fro nt end" ). If the num ber of C lient Dev ices or sea ts that ca n conne ct to the Software can e xceed the number of licenses you h ave obtained, then you must have a reasonable mechanism in place to ensure that your use of the Software does not exceed the use limits specified for the licenses you have obtained. This license authorizes you to make or download one copy of the Documentation for each Client Device or seat that is licensed, provided that each such copy contains all of the Documentation's proprietary notices unaltered and unobstructed.
c. Volume License Use. If the Software is licensed with volume license terms specified in the applicable price
list or product p ac ka gi ng for the Software, you may make, use and install as ma ny additional copie s of the Software on the numbe r of Clie nt Devices a s the vol ume lice nse autho rizes. Yo u must have a reason able mechanism in place to ensure that the number of Client Devices on which the Software has been installed does not exceed the number of licenses you have obtained. This license authorizes you to make or download one copy of the Docum entation for each additional cop y authorized by th e volume license , provided that each such copy contains all of the Documentatio n's proprietary notices unaltered and unobstructed.
2. Term. This Agreement is effective for an unlimited duration unless and until earlier terminated as set forth herein. This
Agreement will termi nate automa tically if you fail to comply wi th any of t he limitat ions or ot her requir ements descr ibed herein. Upon any termination or expiration of this Agreement, you must cease use of the Software and destroy all copies of the Software and the Documentation.
vi McAfee Firewall
3. Updates. For the time pe riod specified in the ap plicable price list or product packaging for the Software, you a re
entitled to download revisions or updates to the Software when and as McAfee publishes them via its electronic bulletin board system, website or through other online services. For a period of ninety (90) days from the date of the of original purchase of the Software, you are entitled to download one (1) revision or upgrade to the Software when and as McAfee publishes it via its el ectronic bulletin boa rd system, website or thr ough other online servi c es. After the specified t im e period, you have n o further rights to receive any revisions or upgrades without p urchase of a new license to the Software.
4. Ownership Rights. The Software is p rotected by United S tates copyright laws a nd international tre aty provisions.
McAfee and its suppliers own and retain all right, title and interest in and to the Software, including all cop yrights, patents, trade secret right s, trade mark s and o ther i ntelle ctual proper ty rig hts th erein . You r po ssession, in stallatio n, or use of the Software does not transfer to you any title to the intellectual property in the Software, and you will not acquire any rights to the Software except as expressly set forth in this Agreement. All copies of the Software and Documentation m ade hereunder must cont ain the same proprietar y notices that appear on and in the Software and Documentation.
5. Restrictions. You may not sell, lease, l icense, rent, loan or other wise transfer, with or wit hout consideration, the
Software. You shall not discl ose the results o f any b enchm ark t est t hat you m ake of the Softwa re to any th ird pa rties without McAfee's prior written consent. You agree not to permit any third party (other than third parties under contract with you which cont ract contains no ndisclosure obligat ions no less restrictiv e than those set f orth herein) to use t he Software in any form and shall use al l re asonable efforts to ensure th a t th ere is no im proper or unauthorized us e of t he Software. You may not permit third parties to benefit from the use or functionality of the Soft w are via a timesharin g, service bureau or other arrangement, except to the extent such use is specified in the applicable list price or product packaging for the Software. You may not transfer any of the rights granted to you under this Agreement. You may not reverse engineer, d ecompile, or disasse mble the Soft ware, except to the extent th e foregoing rest riction is expre ssly prohibited by applicable law. The interface information necessary to achieve interoperability of the Software with independently created compu ter pro gram s will be sup plied by Mc Afee on re quest and on payme nt of suc h reasona ble costs and expenses of McAfee in su pplying tha t information . You may not m odify, or crea te derivat ive works based upon, the Software in whole or in part. You may not copy the Software or Documentation except as expressly permitted in Section 1 above. You may not remove or alter any proprieta ry notices or labels on the Software or D ocumentation. All rights not expressly set forth hereun de r are reserved by McAfee.
6. Warranty and Disclaimer.
a. Limited Warranty. McAfee warrants that for sixty (60) days from the date of original purchase the media
(e.g., diskettes) on which the Software is contained will be free from defects in materials and workmanship.
b. Customer Remedies. McAfee's and it s s upp lier s' ent ire l ia bil ity and y our exc lus ive r em edy fo r an y br eac h
of the foregoing w arranty shall be, at McAfee 's option, eithe r (i) return of the purch ase price pai d for the license, if any, or (ii) replacement of the defective media in which the Software is contained. You must return the defective media to McAfee at your expense with a copy of your receipt. This limited warranty is void if the defect has re sulted from accident, abuse, or mi sapplication. Any replaceme nt media will be warranted for the remainder of the original warranty period. Outside the United States, this remedy is not available to the extent McAfee is subject to restrictions under United States export control laws and regulations.
Getting Started vii
c. Warranty Disclaimer. Except for the limited warran ty se t fo rth he rein , THE SOFTWARE IS
PROVIDED "AS IS." TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, MCAFEE DISCLAIMS ALL WARRANTIES, REPRESENATIONS AND CONDITIONS, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OR CONDITIONS OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT WITH RESPECT TO THE SOFTWARE AND THE ACCOMPANYING DOCUMENTATION. YOU ASSUME RESPONSIBILITY FOR SELECTING THE SOFTWARE TO ACHIEVE YOUR INTENDED RESULTS, AND FOR THE INSTALLATION OF, USE OF, AND RESULTS OBTAINED FROM THE SOFTWARE. WITHOUT LIMITING THE FOREGOING PROVISIONS, MCAFEE MAKES NO WARRANTY, REPRESENTATION OR CONDITION THAT THE SOFTWARE WILL BE ERROR-FREE OR FREE FROM INTERRUPTIONS OR OTHER FAILURES OR THAT THE SOFTWARE WILL MEET YOUR REQUIREMENTS. SOME STATES AND JURISDICTIONS DO NOT ALLOW LIMITATIONS ON IMPLIED WARRANTIES, SO THE ABOVE LIMITATION MAY NOT APPLY TO YOU.
7. Limitation of Liability. UNDER NO C IRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER IN
TORT, CONTRACT, OR OTHERWISE, SHALL MCAFEE OR ITS SUPPLIERS BE LIABLE TO YOU OR TO ANY OTHER PERSON FOR ANY INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION, OR FOR ANY AND ALL OTHER DAMAGES OR LOSSES. IN NO EVENT WILL MCAFEE BE LIABLE FOR ANY DAMAGES IN EXCESS OF THE LIST PRICE MCAFEE CHARGES FOR A LICENSE TO THE SOFTWARE, EVEN IF MCAFEE SHALL HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THIS LIMIT ATION OF LIABILITY SHALL NOT APPLY TO LIABILITY FOR DEATH OR PERSONAL INJURY TO THE EXTENT THAT APPLICABLE LAW PROHIBITS SUCH LIMITATION. FURTHERMORE, SOME STATES AND JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THIS LIMITATION AND EXCLUSION MAY NOT APPLY TO YOU. Th e foregoing provisions shall be enforceable to the maximum extent pe rm it te d by a pplicable law.
8. United States Government. The Software and accompanying Documentation are deemed to be "commercial
computer software" and "commercial computer software documentation," respectively, pursuant to DFAR Section
227.7202 and FAR Se ction 12.212, as ap pli ca bl e. Any use, modifica ti on, reproduction, release, performance, di splay or disclosure of the Software and ac compan ying Doc umentati on by th e Unite d States Governme nt shall b e govern ed solely by the terms of this Agree men t and sha ll be prohib ited except t o the exte nt ex pressly pe rmitt ed by th e terms of this Agreement.
9. Export Controls. You have been ad vised that t he Software is sub ject to th e U.S. Export Administra tion Regula tions
and applicable loca l export contr ol laws. You sh all not export , import or t ransfer Products c ontrary to U.S. or other applicable local laws, whether directly or indirectly, and will not cause, approve or otherwise facilitate others such as agents or any third parties in doing so. If applicable to you, you represent and agree that neither the United States Bureau of Export Administration nor any other federal agency has suspended, revoked or denied your export privileges. You agree not to u se or t ransfer t he Softwa re for e nd use relating to any n ucle ar, chem ical or bi ologica l weapo ns, or missile technology unless authorized by the U.S. Government and any other applicable local authority by regulation or specific license. Additiona lly, you acknowledge that the Software is subject to e xport control regulations in the European Union and yo u here by decl are and ag ree t hat t he Soft ware will not be used f or a ny ot her pu rpose t han c ivil (non-military) purposes. The parties agree to cooperate with each other with respect to any application for any required licenses and approval s, ho w ever, you acknowledge it is your ulti m at e re sponsibility to comply with any and a ll expo rt and import laws and that McAfee has no further responsibility after the initial sale to you within the original country of sale.
viii McAfee Firewall
10. High Risk Activities. The Software is not fault-tolerant and is not designed or intended for use in hazardous
environments requiring fail-safe performance, including without limitation, in the operation of nuclear facilities, aircraft navigation or communication systems, air traffic control, weapons systems, direct life-support machines, or any other application in which the failure of the Software could lead directly to death, personal injury, or severe physical or property damage (c oll e ctively, "High Risk Ac t ivi ties"). McAfee expressly disclaims any expres s or implied warranty or condition of fitness for High Risk Activit ies .
11. Miscellaneous. This Agreement i s governed by the laws of the Neth erlands. The app lication of the Uni ted Nations
Convention of Contracts for the International Sale of Goods is expressly excluded. Disputes with respect to this Agreement, as well as with respect to its conclusion and execution, will be submitted exclusively to the competent court in Amsterdam. This Agree ment s ets f ort h all rig hts f or the u se r of th e Soft ware a nd is t he en tir e agree ment b et ween th e parties. McAfee reserv es the right to pe riodica lly audi t you t o ensu re tha t you are no t using an y Softwa re in viola tion of this Agreement. During your standard business hours and upon prior written notice, McAfee may visit you and you will make available to McAfee or its representatives any records pertaining to the Software to McAfee. The cost of any requested audit will be solely borne by McAfee, unless such audit discloses an underpayment or amount due to McAfee in excess of five percent (5%) of the initial license fee for the Software or you are using the Software in an unauthorized manor, in which case you shall pay t he cost of the au dit. This Agre eme nt su persed es any ot her co mmu nica tions wi th respect to the Software and Documentation. This Agreement may not be modified except by a written addendum issued by a duly authorized repre sentative of McAfee. No provision hereof shall be deemed waived unl ess such waiver shall be in writing and signed by McAfee or a duly authorized representative of McAfee. If any provision of this Agreement is held invalid, the rem ainde r of this Agre emen t shall c ontin ue in full forc e and e ffect. T he par ties have req uired that this Agreement and all documents relating thereto be drawn up in English. Les parties ont demandé que cette convention ainsi que tous les documents que s'y attachent soient rédigés en anglais.
12. MCAFEE CUSTOMER CONTACT. If you ha ve any questions c oncerning these t erms and conditions, or if you
would like to cont act McAfee for any other reason, please call +31 20 586 61 00 or write: McAfee, Gatwickstraat 25, 1043 GL Amsterdam, Netherlands. You will find our Internet web-site at http://www.nai.com.
Getting Started ix
x McAfee Firewall
Table of Conte nts
Chapter 1. Welcome to McAfee Firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13
About McAfee Firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13
New in This Release . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13
How McAfee Firewall Works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .14
About McAfee Firewall Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15
McAfee Firewall On-line Help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15
Frequently Asked Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16
Chapter 2. Installing McAfee Firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19
System requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19
About Winsock 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19
Installation Steps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .20
Troubleshooting installation problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .21
Step 1: Clean up your hard drive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .21
Step 2: Remove temporary files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22
Step 3: Close other software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22
Chapter 3. The Firewall Inductive User Interface . . . . . . . . . . . . . . . . . . . . . . . .25
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .25
Chapter 4. Intrusion Detection System – (IDS) . . . . . . . . . . . . . . . . . . . . . . . . . .29
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29
How to Configure the Intrusion Detection System . . . . . . . . . . . . . . . . . . . . . . . . . . . .30
Chapter 5. McAfee Firewall Configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . .31
Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .31
Control Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .31
Default Settings for Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .32
Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .32
Control System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .32
Default Settings for System Activity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .33
Password Protection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .34
Getting Started xi
Instructions for Administrators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .34
Configuring Network, Display and Logging Controls . . . . . . . . . . . . . . . . . . . . .34
Configuring Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .35
Configuring System Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .35
Configuration After Adding/Removing Network Devices . . . . . . . . . . . . . . . . .36
Using Password Protection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .37
Chapter 6. Update your McAfee Product . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .39
Instant Updater . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .39
Why Do You Need to Update? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .39
How Does the Updating Process Work? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .39
Instant Updater Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .39
Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .40
Appendix A. Product Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .41
How to Contact McAfee . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Customer Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
www.McAfee-at-Home.com . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .42
Technical Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .42
Appendix B. Common Attacks Recognized by Intrusion Detection . . . . . . . . .43
Glossary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .47
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .57
xii McAfee Firewall

1Welcome to McAfee Firewall

About McAfee Fir ewall

Protect yourself while online with the rock solid security of McAfee Firewall. Easy-to-use, yet highly configurable, McAfee Firewall secures your PCs connection to the Internet whether you connect via DSL, cable modem or dial-up. With its new advanced Intrusion Detection System, color coded security alerts, audible alerts, detailed logging and application scan for Internet capable applications with learning mode, McAfee Firewall gives you all the power you need to control the communications into and out of your PC ensuring that your online experience will be as safe as it is enjoyable.
McAfee Firewall:
• Stops fileshare and printshare access attempts.
• Shows who is connecting (i.e., if you allow sharing)
• Stops floods and other attack packets from being received by the Operating System.
• Blocks untrusted applications from communicating over the network.
1
• Detects hidden programs ("trojans") that can give remote access to your PC or reveal private information (e.g. online banking information).
• Provides detailed information about which sites you have contacted and the type of connection that was made
• Blocks all traffic while you are away, and your PC is connected 24 hours a day.

New in This Release

Intrusion Detection System - Powerful, yet simple to configure, McAfee Firewall's Intrusion Detection System (IDS) detects all common attack types and other suspicious activity. Users are able to easily block all further communication from offenders.
System Application Scan & Learning Mode - McAfee Firewall can be set to scan a PC for programs that can communicate over the Internet and present a list of such programs to the user. Selecting the programs you want to allow, McAfee Firewall's Learning Mode will build a custom rule for the application the first time you use it when you go online.
Getting Started 13
Welcome to McAfee Firewall
Color Coded Firewall Alerts - Easily determine the severity of potential security threats with color coded onscreen alerts similar to modern traffic light patterns. From Green for go, to Yellow for proceed with caution, and Red for the strongest warning to stop and take note of the most serious types of threats, you'll quickly know the level of caution appropriate for each situation.
Customizable Audible Alerts - Don't miss a security or privacy concern just because you happen not to be looking at your computer screen. You'll now be able to hear differe nt sounds that indicate various levels of s everity according to the types of threats your machine is exposed to. Users can also import their own sounds to be used as audible alerts.
Scrolling Marquee of Internet Activity - Be informed of the differen t type s of activity occurring on your Internet connection in real time with this customizable onscreen notification.
ICS/NAT & Home Networking Compatibility - McAfee Internet Security can be used to protect a single machine or number of machines connected together via a small network. Setting up trust relationships within McAfee Firewall for connected machines is a snap.
Enhanced Graphical Display of Network Activity & Attacks - McAfee Firewall now makes it easier than ever to determine what type of activity is taking place when you go online
Easy File Sharing Control - McAfee Firewall takes the mystery out of whether or not you have file sharing active on your system and allows you to control file sharing with ease.
New OS Support - McAfee Internet Security now supports Windows XP and Windows XP themes.

How McAfee Firewall Works

McAfee Firewall is a simple-to-operate security tool for the non-technical users. It dynamically manages your computing security behind the scenes, so that you do not even have to understand networking protocols. It is custom created at the moment it is needed, and only as needed, as you go on to do something else on your computer.
McAfee Firewall filters traffic at the devices that your system uses - network cards and modems. This means that it can reject inbound traffic before that traffic can reach vital functions in your PC and before it can waste valuable system resources.
14 McAfee Firewall
Welcome to McAfee Firewall
It monitors applications that are either trusted or not trusted. When trusted applications need to access a network, it manages everything in the computer to allow that application's traffic. When it detects non-trusted applications trying to access a network, it blocks all traffic to and from that application.
Some network communications are needed to maintain network-based services. These are managed through user defined rules under the SYSTEM button feature of McAfee Firewall. The default SYSTEM settings feature provides protection from hostile threats.
In addition, during the installation process, it will prompt you with some basic questions to set up McAfee Firewall to do specific tasks, according to your needs (e.g. allow sharing of files or not).
NOTE: For more information on how McAfee Firewall works, see
Chapter 5, “McAfee Firewall Configurations.”

About McAfee Firewall Documentation

This Getting Started manual provides the basic information you need to install, setup and use McAfee Firewall. More detailed information on step-by-step instructions on how to perform a task within McAfee Firewall is provided via the Help files which you can access while working within the different windows and dialog boxes. You can also review the Readme.txt file which contain other general information (e.g., frequently asked questions) about the product.

McAfee Firewall On-line Help

To launch Mc Af ee F ir ewa ll he lp:
In the McAfee Firewall main screen, click Help menu; then select Contents. The Help contents is displayed.
You can also search for a help topic via the Index or Find tabs.
• Index tab
1. In the text box, type the first few letters of the word or phrase you are looking for.
2. Locate what you are looking for; then double-click the topic or click the Display button.
• Find tab
Getting Started 15
Welcome to McAfee Firewall
Clicking the Find tab enables you to launch a full text search. When you search for topics via the Find tab for the first time, a Find Setup Wizard is displayed. Follow the instructions on screen to setup the full text search option. After setup is complete:
1. In the text box, type the first few letters of the word or phrase you are looking for. You can also select matching words to narrow your search.
2. Once you have located what you are looking for in the display topic box, click the topic.

Frequently Asked Questions

The following are some frequently asked questions that you can briefly review:
NOTE: To read additional frequently asked questions, refer to the Readme.txt file of McAfee Firewall.
How Will McAfee Firewall Help Me?
McAfee Firewall protects your PC at the network level. It acts as a gatekeeper, checking every data packet going in or out of your PC. It allows only what you tell it to allow.
McAfee Firewall has been designed to be easy to use, while providing you with excellent protection. Once you install and run it, it is configured to block known attacks and to ask you before allowing applications to communicate.
How is my PC at risk on the Internet?
When you connect to the Internet, you share a network with millions of people from around the world. While that is a truly wonderful and amazing accomplishment, it brings with it all the problems of being accessible to complete strangers.
When on the Internet, you need to lock down your PC. When you talk to strangers on IRC (Internet Relay Chat), be cautious of files they send you. This is one way the BO (Back Orifice) program spreads, giving people remote control of your PC. Check files you get for viruses.
When on the Internet, others can try to access your fileshares. You should check that they are not available, or else people can read and delete what is on your system.
16 McAfee Firewall
Welcome to McAfee Firewall
The data you send can be seen by more people than just the intended receiver. Practically any system that is connected to any part of the network path used to relay your data packets can see what is sent. Also, it is hard to know with absolute certainty that you are talking to whom you think you are talking to.
What other protection do I need?
McAfee Firewall provides network level protection. Other important types of protection are:
• Anti-virus programs for application-level protection.
• Logon screens and screen saver passwords to prevent unauthorized access.
• File encryption or encrypting file systems to keep information secret.
• Intrusion detection for an added level of network protection.
• Boot-time passwords to stop someone else from starting your PC.
• Physical access to the computer, e.g. stealing the hard drive.
A separate but also important issue is controlling access to information, misinformation and "filth" that is widely available on the In ternet. You can use a number of content-filtering programs or services such as McAfee’s Internet Guard Dog that can filter the contents of data packets or restrict access to certain sites.
Are there any data packets that McAfee Firewall cannot stop?
Inbound Data: No.
As long as McAfee Firewall supports a network device and is running, it is intercepting all incoming packets and will allow or block according to the way you have it configured. If you choose to block everything, it will.
Outbound Data: Yes and no.
McAfee Firewall intercepts outbound data packets as they are passed to the network device driver. All popular applications communicate this way. A malicious program could communicate by other means, however.
What network devices does McAfee Firewall support?
McAfee Firewall supports Ethernet and Ethernet-like devices on Microsoft Windows 95, 98 and NT 4.0 SP4 and SP5. This includes dial-up connections, most cable and ISDN modems and most Ethernet cards. It does not support Token Ring, FDDI, ATM, Frame Relay and other networks.
Getting Started 17
Welcome to McAfee Firewall
What protocols can McAfee Firewall filter?
McAfee Firewall can filter TCP/IP, UDP/IP, ICMP/IP and ARP. It intercepts all protocols, but others, such as IPX, must be either allowed or blocked - no filtering is done. The Internet uses the IP protocols. No others are sent. Also, IP networks are the most common.
How can I still be harassed, even with McAf ee Firewall?
Many people use McAfee Firewall (and PC FIREWALL) to block the "nukes" that cause their IRC connections to be broken. While McAfee Firewall blocks the nukes, there are other ways that attackers can still cause the connections to be broken:
Server-side nuking. This is when the "nukes" are sent to th e IRC se r v er, not to your computer, telling the server that you can no longer be reached. To prevent this, the IRC server needs a firewall.
Flood blocking a TCP connection. If a flood of packets is sent to you from a higher speed connecti on, McA fee Firewall or Con Seal PC FIREWALL can stop the packets, but the flood takes up all your bandwidth. Your system does not get a chance to send anything. Dial-up users are particularly vulnerable since they have the lowest speed connections.
18 McAfee Firewall

2Installing McAfee Firewall

Most installation problems are a caused by having programs running while you try to install new software. Even if the installation appears normal, you won’t be able to run the new pro gram. To avoid installation problems, close a ll open programs before you install McAfee Firewall, including programs that run in the background, such as screen savers or virus checkers.

System requirements

To use McAfee Firewall you need:
Microsoft ® Windows ® XP Home Edition, Windows XP Professional, Windows 2000, Windows Me, Windows NT Workstation v4.0, Windows 98, or Windows 95B.
Personal computer with a Pentium 100 MHz or higher processor.
•32 megabytes (MB) of RAM.
8 MB of free hard disk space.
•CD ROM drive.
2
Internet access required for various features.

About Winsock 2

McAfee Firewall uses an API (Application Programming Interface) that is not supported by versions of Winsock prior to v2.0. McAfee Firewall checks for the presence of Winsock 2 during the installation procedure and will inform you if the system does not have it. If you have the latest browser (e.g., Internet Explorer 5), this component is already built-in and you will not receive this prompt. Otherwise, you can get a free upgrade and is available from http://www.microsoft.com as well as other Web sites.
NOTE: For more information on Winsock 2, refer to the Frequently Asked Question section of McAfee Firewall’s Readme.txt file.
Getting Started 19
+ 43 hidden pages