Two questions about the firewall

I have two computers.

One is a PC standing in my room and the other one is my laptop.
Anyway, I installed TeamViewer
(anyone who doesn't know what it is can take a look at this video:
Team Viewer Demonstration - YouTube)

Anyway, something tells me that this program could be a serious hole in the firewall,
so I went through all the explanations on this page:
http://help.comodo.com/topic-72-1-451-4772-.html

1. My question is this… how do I define a rule that tells the firewall to allow incoming connections with TeamViewer
only from one specific computer?

2. Every time I try to run an application I get a little pop-up window
with three options:

“allow,block,treat as”
I usually want to press block because most of those do not really need an internet connection,

but when I press block it shuts down the application… Why is my firewall shutting down the application when I try to block its access to the internet, especially when those programs do not require an internet connection to run?

Thanks to anyone who can help.

Important note: I'm not using the entire CIS package; I have downloaded only the free firewall.

  1. I think creating an application rule for TeamViewer from MAC specific address to MAC specific address should resolve the issue (people, tell me if I’m wrong on this one).

  2. It is important to note if these alerts are firewall, HIPS, or behavior blocker rules, as a firewall-only install still includes these functions unless you have disabled them. Also note, if you have chosen to block a program with the checkbox (remember my answer) you may need to manually reverse those rules applied if need be.

remember my answer) you may need to manually reverse those rules applied if need be.

OK, and how am I doing that?

TeamViewer does use UDP pinholing.

UDP is a stateless protocol. This means packets are fired off at their target with no verification (at the protocol level) that they were received or even reached the destination. Firewalls are designed to look for UDP packets and record the source and destination as well as the timestamp. If they see an inbound packet that matches an outbound packet they will generally allow the packet through even without a specific rule being placed in the firewall’s access list.

In order to pinhole, your machine (viewer) has a TCP connection back to the main TeamViewer server. The target machine (client) also has a TCP connection to the main TeamViewer server. When you hit connect, your machine tells the main server its intention. The main server then gives you the IP address of the client machine. Your machine then begins firing UDP packets at the client. The client is signaled that you intend to connect and is given your IP. The client also starts firing UDP packets at you.

This causes both firewalls (yours and the client's) to allow the traffic, thus “punching holes” in the firewall.

Of course, TeamViewer adds some security by doing a pin/password check before the main server sends the IP info to both parties, but you get the idea.

I haven’t found a really good solution to locking this behavior down since the IPs and ports change every session. Specifically, the UDP port for punching will change and therefore generate an alert every time.

When you block an application do you use “Block Only” or “Block and Terminate”? If you simply want to block a connection but let the process keep running then you should use “Block Only”, when you’re using “Block and Terminate” that blocks the connection and terminates the application.
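The UDP hole punching described in the reply above can be replayed against a toy stateful firewall. This is an added example, not part of the original posts and not Comodo or TeamViewer code; the class, addresses, ports and the 30-second idle timeout are constructed assumptions, and NAT is ignored.

```python
from dataclasses import dataclass, field

UDP_TIMEOUT = 30.0  # seconds; assumed idle timeout, real firewalls vary


@dataclass
class StatefulFirewall:
    """Toy model: default-deny inbound UDP, allow replies to recent outbound flows."""
    timeout: float = UDP_TIMEOUT
    # (local_ip, local_port, remote_ip, remote_port) -> time of last outbound packet
    flows: dict = field(default_factory=dict)

    def outbound(self, src, sport, dst, dport, now):
        # Outbound traffic is allowed and recorded as a pseudo-connection.
        self.flows[(src, sport, dst, dport)] = now
        return True

    def inbound(self, src, sport, dst, dport, now):
        # Allowed only if it mirrors an outbound flow that has not expired.
        seen = self.flows.get((dst, dport, src, sport))
        return seen is not None and now - seen <= self.timeout


def simulate():
    """Replay the hole-punch sequence with constructed addresses and ports."""
    viewer, client, stranger = "198.51.100.10", "203.0.113.20", "192.0.2.99"
    vport, cport = 40001, 40002
    fw_viewer, fw_client = StatefulFirewall(), StatefulFirewall()
    r = {}
    # t=0: viewer fires first; the client's firewall has no state yet, so it drops.
    fw_viewer.outbound(viewer, vport, client, cport, now=0.0)
    r["viewer_first"] = fw_client.inbound(viewer, vport, client, cport, now=0.0)
    # t=1: client fires at viewer; viewer's firewall already holds the mirror flow.
    fw_client.outbound(client, cport, viewer, vport, now=1.0)
    r["client_reply"] = fw_viewer.inbound(client, cport, viewer, vport, now=1.0)
    # t=2: viewer retries; the client's firewall now has state too.
    fw_viewer.outbound(viewer, vport, client, cport, now=2.0)
    r["viewer_retry"] = fw_client.inbound(viewer, vport, client, cport, now=2.0)
    # An unrelated host aimed at the same local port matches no recorded flow.
    r["stranger"] = fw_client.inbound(stranger, 5555, client, cport, now=2.0)
    # Once the client stops sending, the pinhole closes after the idle timeout.
    r["after_timeout"] = fw_client.inbound(viewer, vport, client, cport, now=32.0)
    return r


if __name__ == "__main__":
    print(simulate())
```

The pinhole only admits the exact peer address and port pair that the local machine itself sent to, which is why an inbound allow rule is not what lets the session through.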

Sorry for not replying for such a very long time (hope I'm not getting anyone important angry or anything).

just one thing

1) I think creating an application rule for teamviewer from mac specific address to mac specific address should resolve the issue (people, tell me if I'm wrong on this one).

But aren't MAC addresses the address of the network I'm correctly connected to?

Because if I connect my computer to another network via Wi-Fi, wouldn't it just change my MAC address and ■■■■■ things over?

When you block an application do you use "Block Only" or "Block and Terminate"? If you simply want to block a connection but let the process keep running then you should use "Block Only", when you're using "Block and Terminate" that blocks the connection and terminates the application.

Block only… still is shutting down the application