Windows Firewall and Its Importance !!

Windows Firewall acts as a protective shield for your computer against possible safety intrusions. It is highly effective in blocking computer worms and viruses from reaching the computer and making unauthorized changes and "stealing" information. It is worth noting here that Windows Firewall protects your PC by five services: packet filtering, application filtering, proxy server, circuit-level, and Stateful inspection. Firewall prompts the user to accept or decline certain connection requests so that PC security is not compromised at any stage and all operations are authorized, to say the least. In other words, PC users can specify rules for source and destination IP addresses and port ranges.

It is, however, important to note that Windows Firewall does not block spam or unsolicited emails. Firewall also does not stop PC users from opening emails that can include dangerous attachments and doesn't detect or remove computer worms or viruses. It is, therefore, recommended that PC users must install powerful antivirus software and update the same on regular intervals so that PC security is not exposed before threats.

Now that we have read about Windows Firewall and its importance, it is now time to read what to do in case the very purpose of Windows Firewall, PC security, is defeated by an intrusion.
In case you are experiencing problems with Windows Firewall, you can always refer to computer troubleshooting service. This will help you identify the problem and even treat in some cases. In case the intrusion is severe, it is highly recommended that you opt for professional computer help desk service. This computer support service can be accessed for free or little cost from a reliable computer tech help provider.

If you are not aware of any such providers, you can go online to find a provider specializing in such services. For this, you need not make any special efforts. You can just search engines such as Google, Yahoo!, or MSN and type words such as "computer support service", "computer tech help", "computer troubleshooting service", or "computer help desk service". You will be redirected to sites of computer support service providers and then you can compare and choose from the available options. It will now be time to clarify any doubts (if any) from the provider and setting the computer tech help terms so that things are simplified for a better understanding.
Read more: http://goo.gl/F9KYB

How to Get Rid of a Sonicwall Firewall

A firewall is a software program that serves as a barrier between your computer and remote hackers, viruses and worms. It is a vital piece of equipment if you wish to keep your computer secure. Windows XP, Windows Vista and Windows 7 come equipped with a firewall, as do many antivirus programs. Consequently, if you have Sonicwall Firewall, you may want to remove it in favor of one of these other firewalls.

Instructions

Windows 7 and Vista

Click the "Start" menu, then "Control Panel." Click "Programs" and "Programs and Features."

Click "Sonicwall Firewall" and then "Uninstall."

Restart your computer.

Read more: http://goo.gl/RzPYO

Why Is My Firewall Blocking Windows Live Messenger

Windows Firewall is a protective computerized barrier integrated into Windows operating systems to prevent certain programs from accessing your computer. The firewall checks all programs and will automatically block programs it views as a potential hazard.

Cannot Log On

If you are having trouble logging into Windows Live Messenger, your firewall may not be giving the computer network permission to access it. Check your firewall settings by clicking "Start," "Settings," "Control Panel," and opening the Windows Firewall application. Click the "Exceptions" tab to see the list of programs being blocked.

Messenger

Messenger is executed by the msnmsgr.exe file. If you do not see this file or "Windows Live Messenger" in the list, you should click the "Add Program" button and look in the list for Messenger. If it is not in the list, click the "Browse" button and locate it through the programs folder. Click the "OK" button once the Messenger program has been added to the list.

Other Firewalls

Routers have firewalls to protect the computer from the external source of the router network. Anti-virus programs have their own firewall as part of their protection systems. If you have other firewalls running on your computer, access that firewall and give it permission to access the Messenger program.


Read more: http://goo.gl/VvY6w

IP Spoofing and IPS Protection with a Cisco ASA 5500 Firewall

The Cisco ASA firewall appliance provides great security protection out-of-the box with its default configuration. However, to increase the security protection even further, there are several configuration enhancements that can be used to implement additional security features. Two of these features are IP Spoofing protection and basic Intrusion Prevention (IPS) support.

IP Spoofing Protection:

IP spoofing attacks are those that change the actual source IP address of packets to obscure their true origin. This means that packets arriving at a particular interface (e.g inside) must have a valid source IP address that matches the correct source interface according to the firewall routing table. Normally the firewall only looks at the destination address of a packet in order to forward it accordingly. If you enable the IP Spoofing mechanism, the firewall checks also the source address of the packets.

If for example our inside interface connects to internal network 192.168.1.0/24, this means that packets arriving at the inside firewall interface must have a source address in the range 192.168.1.0/24 otherwise they will be dropped (if IP Spoofing is configured).

The IP Spoofing feature uses the Unicast Reverse Path Forwarding (Unicast RPF) mechanism, which dictates that for any traffic that you want to allow through the security appliance, the security appliance routing table must include a route back to the source address.

To enable IP Spoofing protection, enter the following command:

CiscoASA5500(config)# ip verify reverse-path interface "interface_name"

For example, to enable IP spoofing on the inside interface, use the following command:

CiscoASA5500(config)# ip verify reverse-path interface inside

Basic IPS Protection:

Although the ASA Firewall supports full IPS functionality with an extra IPS hardware module (AIP-SSM), it supports also basic IPS protection which is built-in by default without using an extra hardware module. The built-in IPS feature supports a basic list of signatures and you can configure the security appliance to perform one or more actions on traffic that matches a signature. The command that implements the basic IPS feature is called "ip audit".

There are two signature groups embedded in the firewall software: "Informational" and "Attack" signatures. You can define an IP audit policy for each signature group as following:

For informational signatures:

CiscoASA5500 (config)# ip audit name "name" info [action [alarm] [drop] [reset]]

For attack signatures:

CiscoASA5500 (config)# ip audit name "name" attack [action [alarm] [drop] [reset]]

The keywords [alarm], [drop], [reset] define the actions to perform on a malicious packet that matches one of the signatures. [alarm] generates a system message showing that a packet matched a signature, [drop] drops the packet, and [reset] drops the packet and closes the connection.

After defining an IP audit policy (IPS policy) as shown above, we need to attach the policy to a specific interface:

CiscoASA5500 (config)# ip audit interface "interface_name" " policy_name"

Let's see an actual example:

CiscoASA5500 (config)# ip audit name dropattacks attack action drop

CiscoASA5500 (config)# ip audit interface outside dropattacks

You can visit my website Cisco Tips for more information about Cisco products and solutions. You can also learn how to configure any Cisco ASA 5500 Firewall Here.

Article Source: http://goarticles.com/article/IP-Spoofing-and-IPS-Protection-with-a-Cisco-ASA-5500-Firewall/1237260/