PC Tools Firewall experience

FYI:

These are my notes from testing the app in VistaBus

Summary:
If you want something as simple as ZA use the "Vista Firewall Control" app
instead

1) Problem: IE could not access the Internet with PCTools f/w installed
VistaTest vol is drive R:

FireFox works; IE and aVast def update fail:
IE and aVast have 2 entries for app rules
First: references drive C:
Second references drive R:


FireFox has 2 entries for app rules
First: references drive R:
Second references drive C:

None of the C: entries should be there
Deleting them does not solve the problem

Uninstall PC Tools f/w:
All programs work
Reinstall PC Tools f/w:
Problem returns

If Vista was running from C:, may not have the problem


2) Installing it does not disable Vista's f/w

3) Provides control of outbound attempt by apps
Initial attempt prompts for:
Allow
Block
Remember this setting

4) Packet filtering is by Zone:
Has about 25 default rules for each Zone type
a) Internet zone has its own rules:
Has default rules for:
802.1x
ARP
Bit Torrent
DHCP
F&P Sharing (TCP only)
ICMP
ICQ
TCP/UDP
VPN


b) Trusted zone has its own rules:
Has default rules for:
(no TCP)
802.1x
ARP
DHCP
Ping
Tracert
UDP
VPN

5) Packet filtering rule criteria:
Ethernet type
MAC address (both)
Direction (both)
OSI layer 3 & 4 protocol
IP address (both)
Port (both)

6) Program menu cmds:
Settings: General:
Enable f/w
Enable app filtering
Enable packet filtering
Display traffic information in tray icon
Prompt to confirm changing an app's allow/block status
Automatically allow known apps
Check for updates automatically

Settings: Adapters:
"Use to set the zone for the available network adapters on your computer"
Adapters:
WAN Miniport (IPV6) - PCTools Driver
Default Zone: Internet
WAN Miniport (IP) - PCTools Driver
Default Zone: Internet
Intel Pro 100/VE Network Connection - PCTools driver
Default Zone: Internet


Zones:
(can select one for each adapter)
(There is one set of rules for all Internet Zone adapters)
(There is another set of rules for all Trusted Zone adapters)
The zones are:
Internet
Trusted
Allow all traffic

7) Application rules:
For outbound control
Sequential processing from the top of the rule list

A rule can have settings for:
Status:
Active

Actions:
Allow
Block
Log
Stop processing more rules

Conditions:
Ethernet type:
IP, IP v6, IP v4 or v6, 802.1x, ARP, Other
Local ethernet address
Remote ethernet address
Direction is
Outbound
Inbound
Protocol:
TCP, UDP, TCP or UDP, ICMP, ICMPV6, ICMP, 47-GRE, 50-SIPP-ESP, OTHER
Remote IP:
Match address, Match range, Use mask, Use my address
Local IP:
Match address, Match range, Use mask, Use my address
Remote port:
Match port
Match range
Local port is
Match port
Match range

Addendum:
Item 7) should be changed to read as follows:


7) Application rules:
For outbound control

8) Detail for a packet filtering rule in "Advanced Rules" section:
Sequential processing from the top of the rule list

A rule can have settings for:
Status:
Active

Actions:
Allow
Block
Log
Stop processing more rules

Conditions:
Ethernet type:
IP, IP v6, IP v4 or v6, 802.1x, ARP, Other
Local ethernet address
Remote ethernet address
Direction is
Outbound
Inbound
Protocol:
TCP, UDP, TCP or UDP, ICMP, ICMPV6, ICMP, 47-GRE, 50-SIPP-ESP, OTHER
Remote IP:
Match address, Match range, Use mask, Use my address
Local IP:
Match address, Match range, Use mask, Use my address
Remote port:
Match port
Match range
Local port is
Match port
Match range

"CZ" <CZ@no99spam.com> wrote in message
news:eiXIzc6XHHA.4868@TK2MSFTNGP03.phx.gbl...
> FYI:
>
> These are my notes from testing the app in VistaBus
>
> Summary:
> If you want something as simple as ZA use the "Vista Firewall Control" app
> instead
>
> 1) Problem: IE could not access the Internet with PCTools f/w installed
> VistaTest vol is drive R:
>
> FireFox works; IE and aVast def update fail:
> IE and aVast have 2 entries for app rules
> First: references drive C:
> Second references drive R:
>
>
> FireFox has 2 entries for app rules
> First: references drive R:
> Second references drive C:
>
> None of the C: entries should be there
> Deleting them does not solve the problem
>
> Uninstall PC Tools f/w:
> All programs work
> Reinstall PC Tools f/w:
> Problem returns
>
> If Vista was running from C:, may not have the problem
>
>
> 2) Installing it does not disable Vista's f/w
>
> 3) Provides control of outbound attempt by apps
> Initial attempt prompts for:
> Allow
> Block
> Remember this setting
>
> 4) Packet filtering is by Zone:
> Has about 25 default rules for each Zone type
> a) Internet zone has its own rules:
> Has default rules for:
> 802.1x
> ARP
> Bit Torrent
> DHCP
> F&P Sharing (TCP only)
> ICMP
> ICQ
> TCP/UDP
> VPN
>
>
> b) Trusted zone has its own rules:
> Has default rules for:
> (no TCP)
> 802.1x
> ARP
> DHCP
> Ping
> Tracert
> UDP
> VPN
>
> 5) Packet filtering rule criteria:
> Ethernet type
> MAC address (both)
> Direction (both)
> OSI layer 3 & 4 protocol
> IP address (both)
> Port (both)
>
> 6) Program menu cmds:
> Settings: General:
> Enable f/w
> Enable app filtering
> Enable packet filtering
> Display traffic information in tray icon
> Prompt to confirm changing an app's allow/block status
> Automatically allow known apps
> Check for updates automatically
>
> Settings: Adapters:
> "Use to set the zone for the available network adapters on your computer"
> Adapters:
> WAN Miniport (IPV6) - PCTools Driver
> Default Zone: Internet
> WAN Miniport (IP) - PCTools Driver
> Default Zone: Internet
> Intel Pro 100/VE Network Connection - PCTools driver
> Default Zone: Internet
>
>
> Zones:
> (can select one for each adapter)
> (There is one set of rules for all Internet Zone adapters)
> (There is another set of rules for all Trusted Zone adapters)
> The zones are:
> Internet
> Trusted
> Allow all traffic
>
> 7) Application rules:
> For outbound control
> Sequential processing from the top of the rule list
>
> A rule can have settings for:
> Status:
> Active
>
> Actions:
> Allow
> Block
> Log
> Stop processing more rules
>
> Conditions:
> Ethernet type:
> IP, IP v6, IP v4 or v6, 802.1x, ARP, Other
> Local ethernet address
> Remote ethernet address
> Direction is
> Outbound
> Inbound
> Protocol:
> TCP, UDP, TCP or UDP, ICMP, ICMPV6, ICMP, 47-GRE, 50-SIPP-ESP, OTHER
> Remote IP:
> Match address, Match range, Use mask, Use my address
> Local IP:
> Match address, Match range, Use mask, Use my address
> Remote port:
> Match port
> Match range
> Local port is
> Match port
> Match range


Tried PC Tools firewall. Installed easily. No problems, until I tried the
leak test by GRC. http://www.grc.com/lt/leaktest.htm The test says that I
effectively don't have a firewall. In that case I haven't solved anything
over the basic Vista firewall. Oh Well, it was free to try.