Frequently Asked Questions about Firewalls (FAQ)
- What is a firewall?
- How do I know if I already have a firewall installed?
- How do I know whether to install the on-campus firewall client or the off-campus firewall client?
- What is the firewall program's default configuration?
- What should I do when my firewall program displays a security alert?
- How do I configure the Symantec Client Firewall to grant another computer access to my computer or printer?
- What are the configuration details for the ITS-supported firewall?
What is a firewall?
A firewall protects your computer from unwanted network intrusions by hackers or self-spreading worms that infiltrate your computer through open network ports.
The Symantec security program includes a firewall, virus protection, content filtering, and intrusion detection. The program protects your computer against file, boot, and macro viruses; Trojan horses; mass mailer viruses; and active network infections.
For more detailed information, see http://www.howstuffworks.com/firewall.htm.
How do I know if I already have a firewall installed?
Go to the Start menu to see if you have a firewall installed. Uninstall any existing firewall software before you install Symantec Client Security.
Some of the common antivirus and firewall programs are produced by Symantec, Norton, McAfee, Grisoft, and Internet Security Systems.
How do I know whether to install the on-campus firewall client or the off-campus firewall client?
Download the off-campus firewall client, or software program, if your computer is not constantly connected to the USC network. Use the off-campus firewall program for your laptop and any desktop that you turn off on a regular basis.
The on-campus firewall client is configured for office equipment that is constantly connected to the USC network and is never powered off.
What is the firewall program's default configuration?
The firewall program's default security level is set to medium. The medium protection setting prevents harmful programs from hacking into your computer by blocking unused ports, and asks for permission each time an ActiveX or Java applet attempts to run.
ITS recommends a medium-level setting for most users.
What should I do when the firewall program displays a security alert?
The appearance of a security alert does not always indicate that an intrusion has occurred. Usually, your firewall program will recommend a course of action. If you encounter an alert that does not contain a recommendation, you should visit the vendor's website for further information.
How do I configure the Symantec Client Firewall to grant another computer access to my computer or printer?
You can share files and printers by placing someone else's computer in your Trusted Zone, an area on your local network that is not protected by a firewall. However, use caution when granting access to other computers. If a computer in your Trusted Zone is hacked or infected, your computer could be compromised as well.
To place a computer in the Trusted Zone, open the configuration menus for the Symantec Client Firewall.
- In the system tray (in the lower-right hand corner of your screen), click the Globe icon, and then select Symantec Client Firewall.
- In the next window that opens, select Client Firewall in the center column, and then select Configure in the lower-right hand corner of the window.
- In the next window that appears, click the Networking tab in the center, make sure the Trusted tab is selected, and then click Add.
- In the window that appears, enter the IP address of the computer to be given access and select OK.
What are the configuration details for the ITS-supported firewall?
The default firewall rules in the ITS distribution of the client firewall are listed below:
- Inbound ICMP: Permit only certain commands (Echo Reply, Destination Unreachable, Time Exceeded) from any computer
- Outbound ICMP: Permit ICMP outbound on any command to any computer
- Inbound DNS: Permit UDP inbound data on remote port 53 from any computer
- Inbound NetBIOS Name: Block UDP inbound data on local port 137 from any computer
- Outbound NetBIOS: Permit UDP and TCP outbound data on remote ports 138, 137, 139 to any computer
- Inbound Loopback: Permit UDP and TCP inbound and outbound any port from/to 127.0.0.1
- Block Inbound and Outbound ICMP: Block ICMP inbound and outbound on any command from any computer
- Block Windows File Sharing: Block UDP and TCP inbound data on local port 139 from any computer
- Inbound Bootp: Permit UDP inbound data on remote port 67 and local port 68 from any computer
- Outbound Bootp: Permit UDP inbound data on remote port 67 and local port 68 to any computer
- Block Microsoft Windows 2000 SMB: Block UDP and TCP inbound data on local port 445 from any computer
- Block EPMAP: Block UDP and TCP inbound data on local port 135 from any computer
- UPNP Port 5000 Block Rule: Block TCP inbound and outbound data on local port 5000 from any computer
- UPNP Port 1900 Block Rule: Block UDP inbound data on local port 1900 from any computer
- Permit Remote Desktop: Permit TCP inbound and outbound data on local port 3389 from any computer
- Novell SLP Negotiation Ports: Permit UDP and TCP outbound data on local ports 1204-1500 from any computer
- Netware SLP Port 524: Permit UDP and TCP inbound and outbound data on local port 524 from any computer
- Netware SLP Port 524: Permit UDP and TCP inbound and outbound data on remote port 524 from any computer
- Netware SLP Port 427: Permit UDP and TCP inbound and outbound data on local port 427 from any computer
- Netware SLP Port 427: Permit UDP and TCP inbound and outbound data on remote port 427 from any computer
- Timbuktu Handshake Port: Permit UDP inbound and outbound data on local port 407 from any computer
- Timbuktu Traffic Ports: Permit TCP inbound and outbound data on local ports 1417-1420 from any computer
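The rule list above can be checked mechanically. The following is an added example, not ITS or Symantec code: it encodes a subset of the listed rules in page order, evaluates sample traffic against them, and lists the local ports that a permit rule leaves reachable from any computer. It assumes first-match evaluation, which the page does not state; the tuple layout and function names are hypothetical.

```python
# Constructed encoding of a subset of the rules above, kept in page order.
# Tuple layout (hypothetical): name, action, protocols, directions,
# which port is tested ("local"/"remote"), allowed ports (ICMP: type numbers).
ECHO_REPLY, UNREACHABLE, ECHO_REQUEST, TIME_EXCEEDED = 0, 3, 8, 11
ANY = None
BOTH, L4 = {"in", "out"}, {"udp", "tcp"}

RULES = [
    ("Inbound ICMP", "permit", {"icmp"}, {"in"}, None,
     {ECHO_REPLY, UNREACHABLE, TIME_EXCEEDED}),
    ("Outbound ICMP", "permit", {"icmp"}, {"out"}, None, ANY),
    ("Inbound DNS", "permit", {"udp"}, {"in"}, "remote", {53}),
    ("Inbound NetBIOS Name", "block", {"udp"}, {"in"}, "local", {137}),
    ("Outbound NetBIOS", "permit", L4, {"out"}, "remote", {137, 138, 139}),
    ("Block Inbound and Outbound ICMP", "block", {"icmp"}, BOTH, None, ANY),
    ("Block Windows File Sharing", "block", L4, {"in"}, "local", {139}),
    ("Block Microsoft Windows 2000 SMB", "block", L4, {"in"}, "local", {445}),
    ("Block EPMAP", "block", L4, {"in"}, "local", {135}),
    ("UPNP Port 1900 Block Rule", "block", {"udp"}, {"in"}, "local", {1900}),
    ("Permit Remote Desktop", "permit", {"tcp"}, BOTH, "local", {3389}),
    ("Timbuktu Traffic Ports", "permit", {"tcp"}, BOTH, "local",
     set(range(1417, 1421))),
]

def evaluate(proto, direction, local=None, remote=None, icmp_type=None):
    """Return (action, rule name) for the first rule that matches.
    First-match ordering is an assumption; the page does not state it."""
    for name, action, protos, dirs, side, allowed in RULES:
        if proto not in protos or direction not in dirs:
            continue
        if proto == "icmp":
            value = icmp_type
        else:
            value = local if side == "local" else remote
        if allowed is ANY or value in allowed:
            return action, name
    return "unmatched", None  # default policy is not given on the page

def exposed_local_ports():
    """Local ports that a permit rule opens to inbound traffic from any computer."""
    return sorted(port for _, action, _, dirs, side, allowed in RULES
                  if action == "permit" and "in" in dirs and side == "local"
                  for port in allowed)

if __name__ == "__main__":
    print(evaluate("icmp", "in", icmp_type=ECHO_REPLY))    # reply to our own ping
    print(evaluate("icmp", "in", icmp_type=ECHO_REQUEST))  # someone pinging us
    print(evaluate("tcp", "in", local=139))                # file-sharing probe
    print(exposed_local_ports())
```

Under the first-match assumption, the "Block Inbound and Outbound ICMP" rule only ever affects inbound ICMP types not permitted earlier, because "Outbound ICMP" already matches all outbound ICMP.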
Getting Help
For other questions, please contact the Customer Support Center at 213-740-5555 or send an email to consult@usc.edu.
Last updated: Monday, October 19, 2009, 11:42AM PDT



