Norton Internet Security 2005 PL [HELP PLEASE!!!]

Hi!
I have LAN network of two computers with file sharing. Win 98SE both.
I installed wireless connection to internet on one of them.
LAN ethernet adapter has private IP address class B, wireless network
has private network address class C:

COMP2 <----utp5e----> COMP1 <---wifi---> GATEWAY <--> INTERNET
172.16.0.2 172.16.0.1 i 192.168.0.x 192.168.0.y i WAN_IP

I bought Norton Internet Security 2005, to install it on COMP1, to
filter access from INTERNET and WIFI network to my LAN.
And I have:
-in case NIS2005 _not_installed_ : everything works fine!
-in case NIS2005 _installed_ : communication in my LAN network works,
communication with GATEWAY works, but doesn't work any communication
beyond GATEWAY
It looks like GATEWAY blocks communication, but it doesn't (Norton does)!
Disabling of Norton Securities _DOES_NOT_HELP'S_. Helps just
uninstalling NIS 2005! If uninstalled - everything work's fine again.
Any suggestions? I have spent on it 2 DAYS (!), and can't get any clue.
Best regards

-Maciek

domanikuz

domanikuz wrote:
> Hi!
> I have LAN network of two computers with file sharing. Win 98SE both.
> I installed wireless connection to internet on one of them.
> LAN ethernet adapter has private IP address class B, wireless network
> has private network address class C:
>
> COMP2 <----utp5e----> COMP1 <---wifi---> GATEWAY <--> INTERNET
> 172.16.0.2 172.16.0.1 i 192.168.0.x 192.168.0.y i WAN_IP
>
> I bought Norton Internet Security 2005, to install it on COMP1, to
> filter access from INTERNET and WIFI network to my LAN.
> And I have:
> -in case NIS2005 _not_installed_ : everything works fine!
> -in case NIS2005 _installed_ : communication in my LAN network works,
> communication with GATEWAY works, but doesn't work any communication
> beyond GATEWAY
> It looks like GATEWAY blocks communication, but it doesn't (Norton does)!
> Disabling of Norton Securities _DOES_NOT_HELP'S_. Helps just
> uninstalling NIS 2005! If uninstalled - everything work's fine again.
> Any suggestions? I have spent on it 2 DAYS (!), and can't get any clue.
> Best regards
>
> -Maciek

Try turning on the network detector. You will need to set the zone to
another location other than default. When the Default Location is
active, the number of associated network connections is always 0,
because network specifications cannot be associated with the Default
Location. This is just my guess, hope this helps.

You will want to ensure the second box is in the trusted zone,
especially if you are going to use the NIS computer as the gateway (for
firewall filtering purposes) to the local network. Otherwise you may
not be able to be able to utilize printer and file sharing between the
computers. The is important to the computer master browser service on
the local network as well.

Winged

winged

winged wrote:
> domanikuz wrote:
>
>> Hi!
>> I have LAN network of two computers with file sharing. Win 98SE both.
>> I installed wireless connection to internet on one of them.
>> LAN ethernet adapter has private IP address class B, wireless network
>> has private network address class C:
>>
>> COMP2 <----utp5e----> COMP1 <---wifi---> GATEWAY <--> INTERNET
>> 172.16.0.2 172.16.0.1 i 192.168.0.x 192.168.0.y i WAN_IP
>>
>> I bought Norton Internet Security 2005, to install it on COMP1, to
>> filter access from INTERNET and WIFI network to my LAN.
>> And I have:
>> -in case NIS2005 _not_installed_ : everything works fine!
>> -in case NIS2005 _installed_ : communication in my LAN network works,
>> communication with GATEWAY works, but doesn't work any communication
>> beyond GATEWAY
>> It looks like GATEWAY blocks communication, but it doesn't (Norton does)!
>> Disabling of Norton Securities _DOES_NOT_HELP'S_. Helps just
>> uninstalling NIS 2005! If uninstalled - everything work's fine again.
>> Any suggestions? I have spent on it 2 DAYS (!), and can't get any clue.
>> Best regards
>>
>> -Maciek
>
>
> Try turning on the network detector. You will need to set the zone to
> another location other than default. When the Default Location is
> active, the number of associated network connections is always 0,
> because network specifications cannot be associated with the Default
> Location. This is just my guess, hope this helps.
>
> You will want to ensure the second box is in the trusted zone,
> especially if you are going to use the NIS computer as the gateway (for
> firewall filtering purposes) to the local network. Otherwise you may
> not be able to be able to utilize printer and file sharing between the
> computers. The is important to the computer master browser service on
> the local network as well.
>
> Winged
PS You may not want to leave the second system in the trusted zone and
configure rules to only expose the ports and protocols that you require
open between the two systems. It is easiest to put it in the trusted
zone, but creating individual rules for required services is far more
secure. This is especially so if you do not plan on piping the second
computer through the NIS firewall, due to Win 98 configuration, if you
choose not to pipe the local network through the NIS, you may not want
to allow local LAN communications at all due to the basic security
issues with win98.

Winged

winged

User winged wrote:

>>
>>
>> Try turning on the network detector. You will need to set the zone to
>> another location other than default. When the Default Location is
>> active, the number of associated network connections is always 0,
>> because network specifications cannot be associated with the Default
>> Location. This is just my guess, hope this helps.
>>
>> You will want to ensure the second box is in the trusted zone,
>> especially if you are going to use the NIS computer as the gateway
>> (for firewall filtering purposes) to the local network. Otherwise you
>> may not be able to be able to utilize printer and file sharing between
>> the computers. The is important to the computer master browser
>> service on the local network as well.
>>
>> Winged
>
> PS You may not want to leave the second system in the trusted zone and
> configure rules to only expose the ports and protocols that you require
> open between the two systems. It is easiest to put it in the trusted
> zone, but creating individual rules for required services is far more
> secure. This is especially so if you do not plan on piping the second
> computer through the NIS firewall, due to Win 98 configuration, if you
> choose not to pipe the local network through the NIS, you may not want
> to allow local LAN communications at all due to the basic security
> issues with win98.
>
> Winged

OK. I tried that all, but I still have the same problem:
I can communicate with my gateway, but not Internet e.g. when I'm
pinging gateway address, all comunication works fine, and gateway
answers but when I'm pinging www.kernel.org or any other domain or IP
(!), I cannot estabilish connection. The same happens, when I want to
view any web page: local web pages (inside wireless network) - local web
pages displays. When I'm going to view web pages behind gateway
(Internet)- Web Page Cannot be Displayed. I don't know what to do with it.
I think, that Notron saves some settings that have been installed
first, and when I install NIS again, it load these settings again. Maybe
the source of problem is that I cannot uninstall it completely? How can
I remove this programm with all settings?
Best regards
-Maciek

domanikuz

On Fri, 04 Mar 2005 13:21:33 +0100, domanikuz <spam@jest_glupi.pl>
wrote:

>Disabling of Norton Securities _DOES_NOT_HELP'S_. Helps just
>uninstalling NIS 2005! If uninstalled - everything work's fine again.
>Any suggestions? I have spent on it 2 DAYS (!), and can't get any clue.
>Best regards
>
>-Maciek
#############################
First of all, I never would have bought Norton or any Symantec
product. Other than that, I have found the disabling Norton doesn't
really stop it for some reason. Have you checked the Task Manager to
see if there is anything still running?
donnie

donnie

domanikuz wrote:
> User winged wrote:
>
>>>
>>>
>>> Try turning on the network detector. You will need to set the zone
>>> to another location other than default. When the Default Location is
>>> active, the number of associated network connections is always 0,
>>> because network specifications cannot be associated with the Default
>>> Location. This is just my guess, hope this helps.
>>>
>>> You will want to ensure the second box is in the trusted zone,
>>> especially if you are going to use the NIS computer as the gateway
>>> (for firewall filtering purposes) to the local network. Otherwise
>>> you may not be able to be able to utilize printer and file sharing
>>> between the computers. The is important to the computer master
>>> browser service on the local network as well.
>>>
>>> Winged
>>
>>
>> PS You may not want to leave the second system in the trusted zone and
>> configure rules to only expose the ports and protocols that you
>> require open between the two systems. It is easiest to put it in the
>> trusted zone, but creating individual rules for required services is
>> far more secure. This is especially so if you do not plan on piping
>> the second computer through the NIS firewall, due to Win 98
>> configuration, if you choose not to pipe the local network through the
>> NIS, you may not want to allow local LAN communications at all due to
>> the basic security issues with win98.
>>
>> Winged
>
>
> OK. I tried that all, but I still have the same problem:
> I can communicate with my gateway, but not Internet e.g. when I'm
> pinging gateway address, all comunication works fine, and gateway
> answers but when I'm pinging www.kernel.org or any other domain or IP
> (!), I cannot estabilish connection. The same happens, when I want to
> view any web page: local web pages (inside wireless network) - local web
> pages displays. When I'm going to view web pages behind gateway
> (Internet)- Web Page Cannot be Displayed. I don't know what to do with it.
> I think, that Notron saves some settings that have been installed
> first, and when I install NIS again, it load these settings again. Maybe
> the source of problem is that I cannot uninstall it completely? How can
> I remove this programm with all settings?
> Best regards
> -Maciek
You "may" have to hack it out of the registry to completely remove it.
It doesn't un-install well. Sometimes removal can be problematic.
Search on keyword Symantec in the registry.

That said, this is a weird problem. Have you checked the Symantec logs?
Does either the content blocking, connections, firewall, or alert log
show anything. The logs should indicate why the connection is being
refused. Post those logs from the point you attempt to make a connection.

I use this product (corporate edition) behind a natted pix firewall with
no issue. Unlike Donnie I prefer this product over several freely
available to me. While it's system load is a bit higher than others I
have found it very reliable and functional. It sounds like a weird
problem. What kind of gateway are you using? I am trying, like you, to
think of a reason this could be happening and keep coming up blank.

hrrm have a thought, What is the IP window size set on your gateway?
Under the options / firewall tab. On the Fragmented Packet handling
tab radio button set to block all? If the packet window size on your
gateway was matched to MS windows and not to the Internet standard this
could cause all packets beyond the gateway to be dropped, but allow
windoz boxes behind the gateway to communicate normally. The radio
button under fragmented packet handling should be set to permit all
except suspected attacks. This "might" cause the symptoms you describe.

Do you use a proxy or an anonymizer? (if no ignore) Is the proxied port
identified under options/ secure port tab? If you had the local machine
in the trusted zone and a proxy or anonimyzer on one of the secured
ports, this would cause the symptoms you describe, depending on
configuration.

Did you run an application scan (under client firewall/configuration/
programs, program scan button) after you installed the firewall? With
the local network machine in the trusted zone it would display local net
pages but not allow things to communicate else wise including ping. If
you didn't, this might cause the problem you describe. Without the
application scan I don't think, even with the firewall disabled, it
would allow the computer to communicate with anything besides the
trusted hosts.

Those are the only things that I can think of. Let me know if any of
these apply, I will continue to think about the issue.

Winged

winged

User winged wrote:
> domanikuz wrote:
>
>> User winged wrote:
>>
>>>>
>>>>
>>>> Try turning on the network detector. You will need to set the zone
>>>> to another location other than default. When the Default Location
>>>> is active, the number of associated network connections is always 0,
>>>> because network specifications cannot be associated with the Default
>>>> Location. This is just my guess, hope this helps.
>>>>
>>>> You will want to ensure the second box is in the trusted zone,
>>>> especially if you are going to use the NIS computer as the gateway
>>>> (for firewall filtering purposes) to the local network. Otherwise
>>>> you may not be able to be able to utilize printer and file sharing
>>>> between the computers. The is important to the computer master
>>>> browser service on the local network as well.
>>>>
>>>> Winged
>>>
>>>
>>>
>>> PS You may not want to leave the second system in the trusted zone
>>> and configure rules to only expose the ports and protocols that you
>>> require open between the two systems. It is easiest to put it in the
>>> trusted zone, but creating individual rules for required services is
>>> far more secure. This is especially so if you do not plan on piping
>>> the second computer through the NIS firewall, due to Win 98
>>> configuration, if you choose not to pipe the local network through
>>> the NIS, you may not want to allow local LAN communications at all
>>> due to the basic security issues with win98.
>>>
>>> Winged
>>
>>
>>
>> OK. I tried that all, but I still have the same problem:
>> I can communicate with my gateway, but not Internet e.g. when I'm
>> pinging gateway address, all comunication works fine, and gateway
>> answers but when I'm pinging www.kernel.org or any other domain or IP
>> (!), I cannot estabilish connection. The same happens, when I want to
>> view any web page: local web pages (inside wireless network) - local
>> web pages displays. When I'm going to view web pages behind gateway
>> (Internet)- Web Page Cannot be Displayed. I don't know what to do with
>> it.
>> I think, that Notron saves some settings that have been installed
>> first, and when I install NIS again, it load these settings again.
>> Maybe the source of problem is that I cannot uninstall it completely?
>> How can I remove this programm with all settings?
>> Best regards
>> -Maciek
>
> You "may" have to hack it out of the registry to completely remove it.
> It doesn't un-install well. Sometimes removal can be problematic.
> Search on keyword Symantec in the registry.
>
> That said, this is a weird problem. Have you checked the Symantec logs?
> Does either the content blocking, connections, firewall, or alert log
> show anything. The logs should indicate why the connection is being
> refused. Post those logs from the point you attempt to make a connection.
>
> I use this product (corporate edition) behind a natted pix firewall with
> no issue. Unlike Donnie I prefer this product over several freely
> available to me. While it's system load is a bit higher than others I
> have found it very reliable and functional. It sounds like a weird
> problem. What kind of gateway are you using? I am trying, like you, to
> think of a reason this could be happening and keep coming up blank.
>
> hrrm have a thought, What is the IP window size set on your gateway?
> Under the options / firewall tab. On the Fragmented Packet handling tab
> radio button set to block all? If the packet window size on your
> gateway was matched to MS windows and not to the Internet standard this
> could cause all packets beyond the gateway to be dropped, but allow
> windoz boxes behind the gateway to communicate normally. The radio
> button under fragmented packet handling should be set to permit all
> except suspected attacks. This "might" cause the symptoms you describe.
>
> Do you use a proxy or an anonymizer? (if no ignore) Is the proxied port
> identified under options/ secure port tab? If you had the local machine
> in the trusted zone and a proxy or anonimyzer on one of the secured
> ports, this would cause the symptoms you describe, depending on
> configuration.
>
> Did you run an application scan (under client firewall/configuration/
> programs, program scan button) after you installed the firewall? With
> the local network machine in the trusted zone it would display local net
> pages but not allow things to communicate else wise including ping. If
> you didn't, this might cause the problem you describe. Without the
> application scan I don't think, even with the firewall disabled, it
> would allow the computer to communicate with anything besides the
> trusted hosts.
>
> Those are the only things that I can think of. Let me know if any of
> these apply, I will continue to think about the issue.
>
> Winged
>
>
>
>
>
Thank you! I will look into logs on monday, I have no access to this
network now. I will write about it on monday evening.
greets
-Maciek

domanikuz

donnie wrote:
>
> #############################
> First of all, I never would have bought Norton or any Symantec
> product.

I once did love the Norton Utilities though!

John

On Wed, 09 Mar 2005 10:37:54 +0100, John
<> wrote:

>donnie wrote:
>>
>> #############################
>> First of all, I never would have bought Norton or any Symantec
>> product.
>
>I once did love the Norton Utilities though!
###########################
I'm sure you once loved your x wife too.
donnie

donnie