
Thread: port privileges

  1. #1
    miamia Guest

    port privileges

    When I allow port XXX in Control - Programs - Program Options - Expert rules, will it work for this program when Firewall - Main - Internet Zone - Allow outgoing is empty?
    Thanks

    Operating System: Windows XP Pro
    Software Version: 8.0
    Product Name: ZoneAlarm Internet Security Suite

  2. #2
    Join Date
    Dec 2005
    Posts
    9,056

    Re: port privileges

    Yes this is normal.
    It is one or the other, and the two are not connected to each other to make the changes internally. If this is what you meant.

    Some people skip expert rules entirely and just add the needed closed/open ports in the Zones of the Firewall panel, along with the simple allowed/disallowed server/access program permissions in the Program listing. This does work and avoids the need to learn the expert rule procedure.


    But if you do use the expert rules, then the custom port entries into the Zones of Firewall panel can be skipped or disregarded.

    This is what I meant by one or the other.

    You can use both at the same time, but I have found that this is not necessary.

    Best regards.
    Oldsod.

    Message Edited by Oldsod on 01-29-2009 12:35 AM

  3. #3
    miamia Guest

    Re: port privileges

    Hi Oldsod,
    thank you for your reply. I tried to allow the port in the program expert rules in the program listing, but it doesn't allow the program to use port XXX. When I allow it in the Firewall panel Internet Zone settings it works. But I would like to allow this port only for this one program and not globally. I have also blocked all trusted and internet servers (Firewall - Main - Advanced - General settings). Please, how should I set up ZA to allow this port for this one program only? It seems Zone settings have higher priority than the program expert rule.

  4. #4
    Join Date
    Dec 2005
    Posts
    9,056

    Re: port privileges

    miamia wrote:
    > Hi Oldsod,
    > thank you for your reply. I tried to allow the port in the program expert rules in the program listing, but it doesn't allow the program to use port XXX. When I allow it in the Firewall panel Internet Zone settings it works. But I would like to allow this port only for this one program and not globally. I have also blocked all trusted and internet servers (Firewall - Main - Advanced - General settings). Please, how should I set up ZA to allow this port for this one program only? It seems Zone settings have higher priority than the program expert rule.


    "blocked all trusted and internet servers (Firewall - Main - Advanced - General settings)"
    This will conflict with your previous and new configurations.
    This should be changed back to allow the trusted servers; and allow internet servers IF you are allowing incoming from a particular internet "zoned" server(s) (i.e. P2P or other such things).
    You need the trusted server to be allowed for the dns and dhcp servers which are set into the trusted zone; as several programs need to have open ports to the dns and dhcp servers such as the svchost.exe allowing incoming from the dhcp server and for the domain name lookups.

    Port settings for both the destination and source ports are possible in the program expert rules - look in the protocols.
    This should be followed with a duplicate expert rule in the Expert of the Firewall.
    (hint: it is easier to use Groups for the protocols and the address as this speeds things up and is handy to use).

    What exactly are you trying to do - give me some more info and I will help you with the creation of the expert rules.

    Oldsod.

  5. #5
    Join Date
    Dec 2005
    Posts
    9,056

    Re: port privileges

    "When I allow it in Firewall panel Internet Zone settings it works. But I would like to allow this port only for this one program and not globally"

    Actually the port is not "opened globally" and will be opened only for the program requesting the need for this port(s).
    The ZA will show you this in the Alerts and in the Logging (first make sure the alerts and logs sliders are set to the high levels for best results and set it up for the maximum logging and alerts).

    Another way to look at it - only the program or service or daemon using the port will be connected to the particular port and only the program using the port. Any other program not related to that port will not be involved with that port.

    Oldsod.

  6. #6
    miamia Guest

    Re: port privileges

    I am trying to set ZA for maximum protection and on the other hand to leave internet and trusted servers as "Block trusted servers" and "Block internet servers". And I try to set rules for skype and icq to run with these settings also.
    Icq works ok and skype too, but every few minutes skype (and icq) disconnects, but in a few seconds skype/icq reconnects to its normal state.
    I would like to avoid the loss of connection in these programs but I do not know how, so I am trying different settings :8}

  7. #7
    Join Date
    Dec 2005
    Posts
    9,056

    Re: port privileges

    miamia wrote:
    > I am trying to set ZA for maximum protection and on the other hand to leave internet and trusted servers as "Block trusted servers" and "Block internet servers". And I try to set rules for skype and icq to run with these settings also.
    > Icq works ok and skype too, but every few minutes skype (and icq) disconnects, but in a few seconds skype/icq reconnects to its normal state.
    > I would like to avoid the loss of connection in these programs but I do not know how, so I am trying different settings :8}


    Ok. Let's start from the beginning.

    Block trusted server means it will block the usual incoming connections from both the dhcp and dns servers. This is something that is not wanted at all.
    It is best to allow the trusted server incoming connections, hence allow the trusted server. Do not block these.

    The only possible way to block the trusted server (the dns and dhcp) is if there are expert rules created in the Expert of the firewall and for each and every program that is involved with allowing the incoming connections from the dns and dhcp.
    If you take this approach, then you basically are creating a complete expert rule set for everything in both the firewall and the program listing.
    This is my own approach, but it is not for the average ZA user.

    Consider that all of the ports are default closed by the ZA anyways - there really are no servers allowed. This is the high level of the Internet Security Zone slider.
    The dns and dhcp servers which are needed to be servers are placed into the trusted zone in the Firewall's Zones. And the Trusted slider at the middle level.

    Any programs needing trusted server are controlled in the program listing.
    The same goes for the internet server - in this case the icq and the skype should be allowed the internet server (along with the other accesses and trusted server).

    But this will fail if you use the block trusted and internet servers!
    So do not do that.

    As for the lost and resumed connections - check your ZA logs for the blocked events.
    The logs and alerts will show you any blocked event and this information is used to "debug" the settings and configuration to remedy the problem(s).
    If you wish, post the ZA log and I will take a look at the issues.

    Oldsod.

  8. #8
    miamia Guest

    Re: port privileges

    ok, so I allowed trusted and internet servers in Firewall - Advanced config. In the Program Control list my skype settings are now: Allow Access (Internet and Trusted servers) and Allow Server (Internet and Trusted servers). Is it ok? Qip Infium settings look like: Allow Access (Internet and Trusted servers) and Server is "Ask" in both.
    My other question: When I want to use MS Remote Desktop I should allow port 3389 in Firewall - Internet zone security (high) - Custom - Allow incoming TCP port, isn't it?

  9. #9
    Join Date
    Dec 2005
    Posts
    9,056

    Re: port privileges

    miamia wrote:
    > ok, so I allowed trusted and internet servers in Firewall - Advanced config. In the Program Control list my skype settings are now: Allow Access (Internet and Trusted servers) and Allow Server (Internet and Trusted servers). Is it ok? Qip Infium settings look like: Allow Access (Internet and Trusted servers) and Server is "Ask" in both.
    > My other question: When I want to use MS Remote Desktop I should allow port 3389 in Firewall - Internet zone security (high) - Custom - Allow incoming TCP port, isn't it?


    Yes allow the port 3389; and allow all of the other icmp (pings, etc) types listed and unusual protocols at high security (in the other section).
    And allow the accesses and both servers for any of the MS RD programs.

    Plus make sure your own dhcp and dns servers are placed as trusted into the zones of the firewall.

    Oldsod.

  10. #10
    miamia Guest

    Re: port privileges

    Oldsod, thank you for your help.
    I leave skype and icq running and I will see if the dis/reconnecting problem comes again ...
