norton personal firewall problem fixed!
well it took me about 10 days, and numerous email exchanges with a member of symantec's R&D team, but i finally have the firewall rules creation feature working again after having downloaded and installed the last security update.
as you may recall, the update, if acting normally, was supposed to make npf (or norton internet security) prompt for new rule creation every time a different application was trying to open. the basis for this was that under the old firewall system, norton just permissioned a portion of the app, like netscape.exe. this allowed bad guys to masquerade as netscape.exe and penetrate the firewall. the security update, as i understand it, made it so that the full path of the application is ID'd, thus eliminating the hacker's way in. but in order for these full paths to be put into effect, all previous rules had to be overwritten. and that is what was not happening on my system.
my investigation into this with the R&D person eventually led me to the win2000 registry, where i learned that by using an application called regedt32, i was able to view and edit administrator permissions set for the os. somehow, full control was not being given to admin (me) in certain symantec keys and subkeys. the permissions were set to 'read' only. changing to 'full control' made it possible for the old rule applications to be overwritten.
also, with the direction of the symantec person, we determined that one box in the main user interface called "enable personal firewall alerts" was not checked. interestingly, this box is similar to, but different than, another box that says "enable automatic firewall rule creation". and to really add some confusion, this last box needed to be unchecked in order for the alerts to occur. <g3>
when i look back on the experience with the symantec R&D person, i have to count it as one of the very best troubleshooting sessions i have ever been involved in. this person contacted me on their own (i'm sure it was as a result of a message i posted on the symantec boards), and demonstrated a sincere desire to get everything working properly. an added bonus was that they totally knew what they were doing, even though they had never encountered this set of behaviors from a system before.
it sure was neat to see the npf alerts pop up on my screen once again, the way that they were supposed to. and i must say that, despite my general satisfaction with the process, it's very easy for me to see how some people can become ultra annoyed with symantec software. you tell yourself that it shouldn't have to be this complex, but then when you begin to think of all the varied home systems and the multitude of platforms that these programs are expected to run on, it begins to seem more like a miracle that anything runs at all!
just wanted to share this experience with the thread....
:)
mark |
