Norton Internet Security 2005 PL [HELP PLEASE!!!]

Discussion in 'Computer Security' started by domanikuz, Mar 4, 2005.

  1. domanikuz

    domanikuz Guest

    Hi!
    I have LAN network of two computers with file sharing. Win 98SE both.
    I installed wireless connection to internet on one of them.
    LAN ethernet adapter has private IP address class B, wireless network
    has private network address class C:

    COMP2 <----utp5e----> COMP1 <---wifi---> GATEWAY <--> INTERNET
    172.16.0.2 172.16.0.1 i 192.168.0.x 192.168.0.y i WAN_IP

    I bought Norton Internet Security 2005, to install it on COMP1, to
    filter access from INTERNET and WIFI network to my LAN.
    And I have:
    -in case NIS2005 _not_installed_ : everything works fine!
    -in case NIS2005 _installed_ : communication in my LAN network works,
    communication with GATEWAY works, but doesn't work any communication
    beyond GATEWAY :-(
    It looks like GATEWAY blocks communication, but it doesn't (Norton does)!
    Disabling of Norton Securities _DOES_NOT_HELP'S_. Helps just
    uninstalling NIS 2005! If uninstalled - everything work's fine again.
    Any suggestions? I have spent on it 2 DAYS (!), and can't get any clue.
    Best regards

    -Maciek
     
    domanikuz, Mar 4, 2005
    #1
    1. Advertisements

  2. domanikuz

    winged Guest

    Try turning on the network detector. You will need to set the zone to
    another location other than default. When the Default Location is
    active, the number of associated network connections is always 0,
    because network specifications cannot be associated with the Default
    Location. This is just my guess, hope this helps.

    You will want to ensure the second box is in the trusted zone,
    especially if you are going to use the NIS computer as the gateway (for
    firewall filtering purposes) to the local network. Otherwise you may
    not be able to be able to utilize printer and file sharing between the
    computers. The is important to the computer master browser service on
    the local network as well.

    Winged
     
    winged, Mar 4, 2005
    #2
    1. Advertisements

  3. domanikuz

    winged Guest

    PS You may not want to leave the second system in the trusted zone and
    configure rules to only expose the ports and protocols that you require
    open between the two systems. It is easiest to put it in the trusted
    zone, but creating individual rules for required services is far more
    secure. This is especially so if you do not plan on piping the second
    computer through the NIS firewall, due to Win 98 configuration, if you
    choose not to pipe the local network through the NIS, you may not want
    to allow local LAN communications at all due to the basic security
    issues with win98.

    Winged
     
    winged, Mar 4, 2005
    #3
  4. domanikuz

    domanikuz Guest

    OK. I tried that all, but I still have the same problem:
    I can communicate with my gateway, but not Internet e.g. when I'm
    pinging gateway address, all comunication works fine, and gateway
    answers but when I'm pinging www.kernel.org or any other domain or IP
    (!), I cannot estabilish connection. The same happens, when I want to
    view any web page: local web pages (inside wireless network) - local web
    pages displays. When I'm going to view web pages behind gateway
    (Internet)- Web Page Cannot be Displayed. I don't know what to do with it.
    I think, that Notron saves some settings that have been installed
    first, and when I install NIS again, it load these settings again. Maybe
    the source of problem is that I cannot uninstall it completely? How can
    I remove this programm with all settings?
    Best regards
    -Maciek
     
    domanikuz, Mar 4, 2005
    #4
  5. domanikuz

    donnie Guest

    #############################
    First of all, I never would have bought Norton or any Symantec
    product. Other than that, I have found the disabling Norton doesn't
    really stop it for some reason. Have you checked the Task Manager to
    see if there is anything still running?
    donnie
     
    donnie, Mar 4, 2005
    #5
  6. domanikuz

    winged Guest

    You "may" have to hack it out of the registry to completely remove it.
    It doesn't un-install well. Sometimes removal can be problematic.
    Search on keyword Symantec in the registry.

    That said, this is a weird problem. Have you checked the Symantec logs?
    Does either the content blocking, connections, firewall, or alert log
    show anything. The logs should indicate why the connection is being
    refused. Post those logs from the point you attempt to make a connection.

    I use this product (corporate edition) behind a natted pix firewall with
    no issue. Unlike Donnie I prefer this product over several freely
    available to me. While it's system load is a bit higher than others I
    have found it very reliable and functional. It sounds like a weird
    problem. What kind of gateway are you using? I am trying, like you, to
    think of a reason this could be happening and keep coming up blank.

    hrrm have a thought, What is the IP window size set on your gateway?
    Under the options / firewall tab. On the Fragmented Packet handling
    tab radio button set to block all? If the packet window size on your
    gateway was matched to MS windows and not to the Internet standard this
    could cause all packets beyond the gateway to be dropped, but allow
    windoz boxes behind the gateway to communicate normally. The radio
    button under fragmented packet handling should be set to permit all
    except suspected attacks. This "might" cause the symptoms you describe.

    Do you use a proxy or an anonymizer? (if no ignore) Is the proxied port
    identified under options/ secure port tab? If you had the local machine
    in the trusted zone and a proxy or anonimyzer on one of the secured
    ports, this would cause the symptoms you describe, depending on
    configuration.

    Did you run an application scan (under client firewall/configuration/
    programs, program scan button) after you installed the firewall? With
    the local network machine in the trusted zone it would display local net
    pages but not allow things to communicate else wise including ping. If
    you didn't, this might cause the problem you describe. Without the
    application scan I don't think, even with the firewall disabled, it
    would allow the computer to communicate with anything besides the
    trusted hosts.

    Those are the only things that I can think of. Let me know if any of
    these apply, I will continue to think about the issue.

    Winged
     
    winged, Mar 5, 2005
    #6
  7. domanikuz

    domanikuz Guest

    Thank you! I will look into logs on monday, I have no access to this
    network now. I will write about it on monday evening.
    greets
    -Maciek
     
    domanikuz, Mar 5, 2005
    #7
  8. domanikuz

    John Guest

    I once did love the Norton Utilities though!
     
    John, Mar 9, 2005
    #8
  9. domanikuz

    donnie Guest

    ###########################
    I'm sure you once loved your x wife too.
    donnie
     
    donnie, Mar 10, 2005
    #9
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.