Privatefirewall Overview                               

Privatefirewall™ is a powerful Personal Firewall and Intrusion Detection Application that eliminates unauthorized access to your PC, at home, the office, or on the road. It provides users with full system protection out of the box, and can be further customized for advanced users. also constantly monitors other sensitive areas of a PC where intrusion can occur and reports on their status so that users can make regular decisions about these areas and make changes as necessary. A report is generated as a HTML file which the user has the option of viewing.

Once the Privatefirewall™ software is installed it immediately goes to work by evaluating four specific areas where PC intrusion can occur: Network, DCOM, Browser, and Access Control. A total of eleven individual settings are evaluated across these four areas. Once Privatefirewall™ completes its evaluation it automatically adjusts various system settings based on the user's specific configuration.   

While Privatefirewall does automatically adjust some system settings, user needs vary widely depending on network, firewall, and Internet connection configurations. A tool that would automatically change all these settings to a "high-security" level could prevent a PC from functioning in the way the user needs.  Privatefirewall's™ reporting capability is a proactive way for a user to monitor these settings. That is why Privatefirewall also allows to users to configure various security, firewall, and application settings to optimize system protection.

Running Privatefirewall    
 
                                                                                             

Privatefirewall™ works automatically. After installation, the Privatefirewall™ tray icon   appears in the lower right corner of the Windows Tray. No addition user actions are necessary.

Main Menu (Application Setting Page)                                                                       

(This can also be accessed from the Windows by clicking on Start/Programs/Privatefirewall 2.0) 

   

When “Main Menu” is selected, the main Privatefirewall™ screen becomes visible. (See screen shot below).  Users have the option of adjusting Application settings, Firewall Settings, or choosing from any of the program menu items.

   


There are also a series of toolbars buttons within the Privatefirewall Main Menu that perform the following commands:




Main Settings Toolbar  

     Settings – This will display the settings menu, where the user can choose from the general, or validate page. Click here for more settings information.

     About – This will display program information, version number, and copyright.

      Exit – This will minimize the main Privatefirewall screen display, but will not disable Privatefirewall.




Profile Settings Toolbar



Every Privatefirewall profile can be configured by the user by viewing the Firewall Settings Window on the left side of the main menu.  The user can predefine the sets of rules and settings called "Firewall Policies".   Click on the appropriate Firewall Profile Icon to modify rules/settings for that Profile.
 
     Home Profile – Used for a non-networked environment with no other existing firewall protection.  (“Medium” to “High” levels of Firewall Protection suggested. (Go to “File/Settings/Firewall” to adjust these settings))

     Office Profile – Usually within a networked environment, and may contain an existing company firewall solution.  (“Low” to “Medium” levels of Firewall Protection suggested if operating under an existing firewall. Check with company Systems Administrator for additional information.  (Go to “File/Settings/Firewall” to adjust these settings))

     On the Road Profile – Used for mobile employees who may have to dial in to the company network from various remote locations.  There is usually no existing firewall protection for this user.  (“Medium” to “High” levels of Firewall Protection suggested if there is no existing company firewall solution for remote employees. (Go to “File/Settings/Firewall” to adjust these settings))


One example where these profiles may be beneficial is if a user has a mobile computer for Home and Office use.  At Home, the user is not connected to a network, has no existing firewall installed, and dials out for Internet access.  At the office, the user is connected to the company network, which uses a company-wide firewall, and has broadband Internet access.  These two scenarios may require Privatefirewall to be configured in two very different ways.


Click here for more information regarding Firewall profiles, policies, and configuration. 





Internet Traffic (packet) Filtering

Privatefirewall monitors incoming Internet traffic (including Incoming Packets, which are chunks of information routed between an origin and a destination on the Internet or any other network, the destination being the user's system, (click here for more information about packets) based on what level of monitoring the user chooses.  The user can Allow, Filter, or Deny Internet traffic.

     Allow Internet Traffic – This setting will allow all Internet Traffic to and from any and all users.  This will provide the least amount of protection.

     Filter Internet Traffic (default) – This setting allows the user to access the Internet while maintaining maximum protection from incoming intrusion attempts.  Any rules/settings establish for any and all applications will be enforced under this setting.

     Deny Internet Traffic – This will black all incoming and outgoing Internet traffic.  
                                   

Privatefirewall Alerts                            

Application Detection Alert                                 



When an application that is not already listed in the main program window attempts to access the Internet, Privatefirewall alerts the user of this action and lets the user decide if they would like this application to have access to the Internet (see screen shot).  This alert informs the user of the program name, version number, date, time, and outgoing IP address.  The user can allow access, deny access, and have Privatefirewall remember their choice for future instances.

IP Address Alert

Whenever an unknown (or non-trusted) IP address attempts to gain access to your computer, you will receive a pop up alert that includes the date, time, type of packet, and IP address. (see screen shot)  The user can decide not to have these messages displayed again. 


                                

Privatefirewall Menus                            

File Menu                                 



The settings menu includes Check Security, Settings (which includes General and Validate), and Shutdown Privatefirewall.  Each page allows the user to make adjustments to the functionality and level of protection that Privatefirewall will provide. 


Settings Page

General
This page gives the user a choice of which menus/alert should display during normal operation.  The user can choose to have the Privatefirewall Main Menu pop-up each time the program starts, or when a dial-up connection is established, both, or neither, If neither are chosen, only the tray icon would appear when Privatefirewall is launched.  Also, the user can choose to have pop-ups appear for any detected application, or any incoming/outgoing alert, both, or neither (see screen shot). 

Validate (back)

This page gives the choice of having Privatefirewall notify the user of security issues or to have security settings adjusted automatically.  This page also allows the user to have Privatefirewall validate the security of DCOM Settings, Browser Settings, Access Control Settings, and Network Settings.  See detailed descriptions below.

DCOM Settings (back)                                                                    

This page includes check boxes for "DCOM" and "Incoming connections".  DCOM is an efficient type of network protocol. Click here for more information about DCOM.  The incoming connections box controls whether others users (authorized or not) on the network will be able to communicate with your machine.

Browser Settings (back)                                                                                                            

This page includes check boxes for "Active contents (Controls & Scripting)", "Download settings", and "Java applets and JVM Settings".  Active contents refers to content that changes on your screen, such as a stock ticker or a weather map.  Download settings refer to choosing whether the browser will prompt the user before downloading any unsafe content from the Internet.  Java applets & JVM Settings control if the browser will display any java enabled Internet content.  
Click here for more information about Browser Settings.

Access Control Settings (back) 

This page includes check boxes for "File Sharing", "Printer Sharing", "Logon Settings" and "Remote Access Settings".  File sharing and printer sharing enable other users on your network to have access to your files and your printer.  Logon settings refer to your network user name and password when you logon to the network.  Remote access settings control whether a remote user can have access to your files and printer.  Click here for more information about Access Control Settings.

Network Settings (back)                                                                                                              

This page includes check boxes for "protocols" and "bindings".  Protocols are the special set of rules for communicating that the end points in a telecommunication connection use when they send signals back and forth.  When network drivers and hardware are associated with one another, they are bound to one another.  Bindings link network components on different levels to enable communication between those components. A network component can be bound to one or more network components above or below it. 

When Privatefirewall is installed, it will check all listed settings as part of the default configuration.  This is designed to provide the most comprehensive protection possible.  If the user does not want a certain feature of any setting protected by Privatefirewall, they can unselect that feature and it will no longer be validated.  For example, a user on a small home-network may not want Privatefirewall to monitor their file and printer sharing as there may be no immediate threat to this type of network configuration.



Shutdown Privatefirewall (back)

This feature completely shuts down all Privatefirewall functionality.  This can also be done by clicking on 'Exit" from the Tray Icon.





View Menu

Hide Privatefirewall - This option minimized Privatefirewall so only the tray icon is displayed.

Display main window - This gives the user a choice of which menus/alert should display during normal operation.  The user can choose to have the Privatefirewall Main Menu pop-up each time the program starts, or when a dial-up connection is established, both, or neither, If neither are chosen, only the tray icon would appear when Privatefirewall is launched. 

Firewall Policies Menu



The user can predefine the sets of rules and settings (called “Firewall Policies”), for the following address groups: Internet, Local Network, Trusted Internet IP's, and Restricted Internet IP's.  This is designed to allow the user to have different rules and settings based on their current Firewall Profile. (Home/Office/On the Road).  

Customize
This allows the user to customized various system settings for each address group.  For example, if the "Internet" Firewall setting is highlighted in the "Firewall Settings" portion of the main menu, you can click on "Firewall Policies/Customize" and you will see the following menu:
    
                         




Add IP addresses

The user can add trusted IP address for each zone by clicking on the "Add" button from the "Add IP addresses" menu.  However, the user should follow these instructions before entering any IP addresses:

(Instructions on how to Add/Modify/Remove IP Addresses) - To add, modify, or remove an IP to of any Firewall zone, the user must know the relevant Internet Protocol (IP Address).  To find out this address, all you need to know is the corresponding Internet address (URL).  Then from the Windows desktop, click on "Start/Run....then type in "tracert and the URL".  For example,  if you wanted to find out the IP Address of our website, click on Start, Run, then type in "tracert www.privacyware.com" and press enter.  


                          


The results will display in window similar to the screen shot below:

            
            


This IP displayed on the first line (208.230.133.152) is what should be entered when Privatefirewall prompts the user to add an IP.  This can be entered by clicking on Firewall Policies/Add IP Addresses/Add (see screen shot).  This method applies for both Restricted and Trusted sites.


                                



***
Internet - The user can specify what level of protection they would prefer upon accessing the Internet.  

Local Network - This will list all Internet Protocols (IP's) that are configured to access the network or Internet.  For example, if the system has a static IP assigned to their system (ex: DSL Connection), this IP (and subnet mask, if applicable) will automatically be listed as Local Network Site.

Trusted/Restricted IP addresses - Privatefirewall also allows the user to establish custom levels of security for specific "Trusted" and "Restricted" IP Addresses.  This is especially useful if the user requires a different level of security for a specific IP compared to the default "Internet" security level.  Usually, rules for trusted sites are set at a lower level than the default Internet setting and rules for restricted sites are set at a higher level then default Internet settings.

Adding a trusted site that is frequently accessed will reduce the amount of pop-up alerts for that specific IP.  For example, if 207.71.92.221 is a trusted IP, the user can add this IP and set the security level to LOW for trusted sites.  This will prevent any future pop-alerts for that IP.  (See screen shots)


         
    
       
                                                                    


Firewall Profiles
 

     Home Profile – Used for a non-networked environment with no other existing firewall protection.  (“Medium” to “High” levels of Firewall Protection suggested. (Go to “File/Settings/Firewall” to adjust these settings))

     Office Profile – Usually within a networked environment, and may contain an existing company firewall solution.  (“Low” to “Medium” levels of Firewall Protection suggested if operating under an existing firewall. Check with company Systems Administrator for additional information.  (Go to “File/Settings/Firewall” to adjust these settings))

     On the Road Profile – Used for mobile employees who may have to dial in to the company network from various remote locations.  There is usually no existing firewall protection for this user.  (“Medium” to “High” levels of Firewall Protection suggested if there is no existing company firewall solution for remote employees. (Go to “File/Settings/Firewall” to adjust these settings))


One example where these profiles may be beneficial is if a user has a mobile computer for Home and Office use.  At Home, the user is not connected to a network, has no existing firewall installed, and dials out for Internet access.  At the office, the user is connected to the company network, which uses a company-wide firewall, and has broadband Internet access.  These two scenarios may require Privatefirewall to be configured in two very different ways.   

Applications Settings Menu





This menu allows the user to manually add, remove, or modify an existing application listed on the main program window.  Hackers can disguise themselves as a known application resource to gain access to other users' systems.  Privatefirewall detects the resources within each listed application that hackers may specifically use and enables those resources to block any "disguised resource" or hack attempt.  

Customize Rules (back)
NOTE: You must highlight the application you would like to customize in the main program window for this option to be utilized.

As illustrated in the screen shot below, Privatefirewall lists the Program name, program executable file name, program version number, and number of rules or "enabled resources" for that application.  It also lists the specific enabled resources for the highlighted application, and gives the user the option to remove, modify, or add new resources.  These options are for advanced users only!
                                                                             

Add new application (back)
NOTE: You must highlight any application in the main program window for this option to be utilized.

This option allows the user to manually add a new application to be listed in the main program window.  s illustrated in the screen shot below, Privatefirewall lists the Program name, program executable file name, program version number, and number of rules or "enabled resources" for that application.  It also lists the specific enabled resources for the highlighted application, and gives the user the option to remove, modify, or add new resources.  These options are for advanced users only!


Remove application (back)
NOTE: You must highlight the application you would like to remove in the main program window for this option to be utilized.

This option will remove the application you have highlighted in the main program menu.



Restore default settings (back)

This will restore all default applications to the main program menu.  This includes programs such as: Internet Explorer, Microsoft Outlook (Outlook Express), Netscape, Windows Explorer, etc.              

Reports Menu                                                  
***NOTE: All three reports described below can also be viewed in HTML format by clicking Reports/HTML Reports/(choose report)***

Check Security

This will run a refreshed HTML status report on your system (see status report below).

Status Report
(This can be accessed by clicking "Reports/Status Report" from the top menu.)

This report notifies the user of their system status regarding four specific areas where PC intrusion can occur: Network, DCOM, Browser, and Access Control (See screen shot).  Once the report is completed, each of the four components are evaluated by Privatefirewall and the status of each component is listed in the report as either Validated (blue icon), Warning (yellow icon), or Severe Problem (red icon).  When a component is highlighted, detailed information regarding that component is listed.  Under the Status column, "Validated" means that there is no security problem.  "Warning: potential security problem"  means that there may be a security issue with that component and the user should review their settings to see if any preventive action should be taken.  "Severe Problem" means that there is most likely a security problem with that component.  In these cases, Privatefirewall may correct the situation automatically and inform the user in the Status Report (see screen shot), but if not, the user should review their settings and take preventive action.

              

Port Tracking Page

This report monitors all system ports and protects them against any unauthorized entry.  In most cases, Privatefirewall goes one step further and makes all system port invisible to all outsider users (referred to as "Stealth" mode).  As illustrated in the screen shot below, Privatefirewall reports the following:

Application Name - This lists any application that may have access to the Internet or outside networks. the file name that the packet was attempting to be sent to (if any).
Port/ID  - Every system has over 65,000 ports.  This lists which port ID number is being used for the transfer of information.
Protocol - This is the Network Protocol, or type of network connection used to send the packet.
Local Address - This is the Internet address of the user's system.  This is the IP that information will be sent to.
Remote Address - This is the Internet address of where the incoming packet is coming from.  This will list either a specific IP, or if one is not currently detected, it will give a status (such as "Listening for packets/connections").

  Click here for more information/systems tests regarding Port Tracking.

                       




















Firewall Log Page                                                                                  

This report notifies the user of incoming packets, which are chunks of information routed between an origin and a destination on the Internet or any other network, the destination being the user's system. (click here for more information about packets).  As illustrated in the screen shot below, Privatefirewall reports the following:

Time/Date  - When the incoming packet was detected.
Origin IP (Internet address) - This is the Internet address of where the incoming packet is coming from.
Destination IP - This is the user's current IP.
This may the same address every time the user connects to the Internet (called a "Static IP", used in most T1/DSL connections).  Or, the IP may change every time the user connects to the Internet (called a "Dynamic IP" used in most Cable/Dial-Up connections) 
Protocol - This is the Network Protocol, or type of network connection used to send the packet.
Application Name (if applicable) - This lists the file name that the packet was attempting to be sent to (if any).

Click here for more information regarding Firewalls.

Related Information                                    
(The information/links below are intended to assist and educate users regarding our product and overall system protection in general)



Internet Traffic (Incoming Packet) Information                    
Incoming packets are chunks of information routed between an origin and a destination on the Internet or any other Network, the destination being the user's system.  These chunks of information (such as email, picture files, etc) can contain viruses, etc and therefore can be damaging to any system if it's contents are not checked (or "filtered") by the incoming system.  Privatefirewall includes packet filtering for this very reason.
Click here for more information about Packets (provided by Whatis?com)



DCOM Information 


                                                            
The Distributed Component Object Model (DCOM) is a protocol that enables software components to communicate directly over a network in a reliable, secure, and efficient manner.  Changing this setting to disable remote connections may affect your ability to execute certain programs remotely, though it should not prevent any of your usual Internet activities.  DCOM will work with both Java applets and ActiveX® components through its use of the Component Object Model (COM).  Follow the links below to learn more about DCOM. (provided by Microsoft)

Articles in the Press
A listing of media coverage on DCOM and related technologies from various publications.

White Papers
A listing of technical white papers, FAQs, and other documentation on DCOM and related technologies.

Case Studies
A collection of case studies that show how customers are building solutions with DCOM.

Downloads and CD-ROMs
A collection of useful downloads, SDKs, toolkits, and CD-ROMs for DCOM and related technologies.

Samples
A collection of developer samples for DCOM and related technologies.

Specs
Comprehensive documentation on DCOM.

Web Sites
A listing of other Web sites that offer technical information, resources and training on DCOM and related technologies.

Books
A collection of noteworthy books on DCOM and related technologies.

Network Information                                             

IPX

IPX/SPX (Internetwork Packaged Exchange/Sequenced Packet Exchange).
This component is necessary for an individual PC to exchange information on a network.   IPX is a datagram protocol used for connectionless communications. If you operate a single user PC you can remove IPX/SPX to improve your system's overall security.  Click here for more information about IPX (provided by Whatis?com)

NetBEUI / NetBIOS

NetBEUI (NetBIOS Extended User Interface). This is a component necessary for an individual PC to exchange information on a network. If you operate a single user PC you can remove NetBEUI to improve your system's overall security.  NetBEUI is a new, extended version of NetBIOS, and is the best performance choice for communication within a single LAN.  

Instructions on how to remove NetBEUI/NetBIOS from your system
If you would like to remove NetBIOS from you system, right-click on the "Network Neighborhood" Icon on the Windows Desktop, then left-click on "Properties".  The "Network" window should appear. (see screen shot)  In the list of network components, highlight any component labeled "NetBEUI" and click on the "Remove" button.  This will remove all NetBEUI/NETBIOS related components and you will then be prompted to restart your machine, which will complete the process.


                   




Click here for more information about NetBEUI (provided by Whatis?com)

NetBIOS (Network Basic Input/Output System) is a program that allows applications on different computers to communicate within a local area network (LAN). It was created by IBM for its early PC Network, was adopted by Microsoft, and has since become a de facto industry standard. NetBIOS is used in Ethernet, token ring, and Windows NT networks.  Click here for more information about NetBIOS (provided by Whatis?com)

TCP/IP

TCP/IP (Transmission Control Protocol/Internet Protocol) is the basic communication language or protocol of the Internet.  It can also be used as a communications protocol in the private networks called intranets and in extranets.  TCP/IP is required to access the internet for both networked and stand-alone computers.  Do no uninstall TCP/IP.   When you are set up with direct access to the Internet, your computer is provided with a copy of the TCP/IP program just as every other computer that you may send messages to or get information from also has a copy of TCP/IP.  Click here for more information about TCP-IP (provided by Whatis?com)

Browser Information                                           
  &nbs