I’ve been reading through a lot of FAQ’s, posts etc but just don’t understand how to configure this firewall.
No traces of any other firewalls on this pc…we have DSL & the modem that came with it from out ISP, no router…just CFP3.
In the “My Network Zones”, there are 2 zones…the top one reads…"Loopback Zone IP In 127.0.0.1/255.0.0.0
The next line says “Local Area Network #1 IP In [192.168.2.10/255.255.255.0”
Is this correct? This is the only pc we have, no networked computers etc.
And after reading a lot of posts I should mention that my wife & I are getting up there in years so we don’t know what we are doing, I have noticed that there are no intrusion attempts after several hours online.
By the way, I did download a script found here which may help you folks to guide us in correcting whatever you may find that we should do or should not have done. The results are long but I’ll add it as an attachment & hope it helps.
What kinds of problems are you having? Can you get online or not? I see Internet Explorer is set as custom. You can go to Firewall → advanced → network security policy → application rules. Find Internet Explorer and edit it making it a web browser.
Let us know what your results are and what OS you are using.
Hi John, yes we can get online without any trouble. What I’m concerned about is where I said… "In the “My Network Zones”, there are 2 zones…the top one reads…"Loopback Zone IP In 127.0.0.1/255.0.0.0
The next line says “Local Area Network #1 IP In [192.168.2.10/255.255.255.0”
Something tells me that the range from 192.168.2.10 through 255.255.255.0 could be asking for trouble…I know we know nothing about security but isn’t that range just welcoming in anyone on the internet to our computer?
The range seems extreemly wide open for one pc, doesn’t it?
Also, we have the firewall set to log events but after 6 + hours straight online the log isn’t showing one event of any kind…I know we all like a firewall to not constantly distract us with alerts but not one seems to tell me things aren’t set-up as they should be…even after going to GRC to scan the pc’s ports not one entry in the firewall log?
It must be an error on my part, I never heard of a firewall that is set to log incoming connection attempts to not have one in over six hours & after a port scan at GRC.
The next line says "Local Area Network #1 IP In [192.168.2.10/255.255.255.0"
Something tells me that the range from 192.168.2.10 through 255.255.255.0 could be asking for trouble…I know we know nothing about security but isn’t that range just welcoming in anyone on the internet to our computer?
The range seems extreemly wide open for one pc, doesn’t it?
I think there’s a misunderstanding of the terminology, and notation used in writing down network addresses.
The 192.168.2.10/255.255.255.0 is what is known as a “netmask” notation. The format is base-addr/active-bitmask. In this instance, the notation is describing a range from 192.168.2.0 thru 192.168.2.255 inclusive.
The notation has been an industry standard for something like the past 30 years, once there were enough networked machines that somebody had to invent what we now call a router.
In probably far more detail than you want to know, I’ll point you to the Wikipedia entry Subnetwork - Wikipedia, and the section fairly early in all that detail on “binary subnet masks”.
Hi Grue155…So in english you just said…this is as it should be…no need to be concerned? And thanks for helping out too!
And for anyone who really knows this firewall very well…could one of you please help us out? We’ve been waiting for awhile now for someone who knows what they’re talking about to answer this other question I posted.
"Also, we have the firewall set to log events but after 6 + hours straight online the log isn’t showing one event of any kind…I know we all like a firewall to not constantly distract us with alerts but not one seems to tell me things aren’t set-up as they should be…even after going to GRC to scan the pc’s ports not one entry in the firewall log?
It must be an error on my part, I never heard of a firewall that is set to log incoming connection attempts to not have one in over six hours & after a port scan at GRC."
Yes, everything you have described is typical normal configuration stuff.
If you type in “ipconfig /all” on a Windows command prompt (click Start → All Programs, Accessories, Command Prompt), you should see the same IP address and subnet mask value. CFP gets its numbers from Windows, and not the other way around. It takes some effort to tell Windows to use a different set of numbers, and CFP doesn’t do that kind of work. CFP is a firewall, but it isn’t a router.
.