Comments
Description
Transcript
What is Intego NetBarrier X3?
User's Manual Intego NetBarrier X3 User's Manual Page 1 Intego NetBarrier X3 for Macintosh © 1999—2003 Intego, Inc. All Rights Reserved Intego, Inc. www.intego.com This manual was written for use with Intego NetBarrier X3 software for Macintosh. This manual and the Intego NetBarrier X3 software described in it are copyrighted, with all rights reserved. This manual and the Intego NetBarrier X3 software may not be copied, except as otherwise provided in your software license or as expressly permitted in writing by Intego, Inc. The Software is owned by Intego and its suppliers, and its structure, organization and code are the valuable trade secrets of Intego and its suppliers. The Software is protected by United States Copyright Law and International Treaty provisions. Intego NetBarrier X3 User's Manual Page 2 Contents 1- About Intego NetBarrier X3 .......................................................................................6 What is Intego NetBarrier X3?........................................................................................................ 7 Intego NetBarrier X3's Features.................................................................................................................. 7 Personal Firewall ........................................................................................................................................... 7 Antivandal ...................................................................................................................................................... 7 Data Filter ....................................................................................................................................................... 9 Intego NetBarrier X3's Privacy Protection................................................................................................ 9 Monitoring.................................................................................................................................................... 10 Using this User’s Manual .............................................................................................................. 11 2—Introduction to Computer Security........................................................................12 Why You Need to be Protected .................................................................................................... 13 How Can a Computer be Totally Safe? ................................................................................................... 14 What Is a Firewall?...................................................................................................................................... 14 Friend or Foe? .............................................................................................................................................. 15 What You Risk ................................................................................................................................. 15 Why People Break into Computers.......................................................................................................... 15 The Different Types of Attacks and Intrusions Possible...................................................................... 16 Privacy Protection............................................................................................................................ 17 3—Installation...............................................................................................................19 System Requirements..................................................................................................................... 20 Installing Intego NetBarrier X3.................................................................................................... 20 Registering Intego NetBarrier X3 ................................................................................................ 23 4—Quick Start ...............................................................................................................26 Intego NetBarrier X3's Setup Assistant ...................................................................................... 27 Using Intego NetBarrier X3 ....................................................................................................................... 36 Using the Intego NetBarrier X3 Overview Screen................................................................... 36 Resizing Intego NetBarrier X3 Windows................................................................................................ 39 Using the NetBarrier X3 Menu..................................................................................................... 40 Intego NetBarrier X3 Password Protection................................................................................ 42 Getting Help..................................................................................................................................... 42 Intego NetBarrier X3 User's Manual Page 3 5—The 4 Lines of Defense .............................................................................................43 Firewall .............................................................................................................................................. 44 Firewall settings........................................................................................................................................... 45 The Log.......................................................................................................................................................... 47 Trojan Horse Protection ............................................................................................................................. 65 Antivandal......................................................................................................................................... 67 Options .......................................................................................................................................................... 68 Setting Ping Flooding Sensitivity ............................................................................................................. 70 Setting SYN Flooding Sensitivity ............................................................................................................. 71 Setting Port Scan Sensitivity...................................................................................................................... 72 Alerts .................................................................................................................................................. 73 Attack Counter............................................................................................................................................. 75 Alert Options................................................................................................................................................ 76 The Stop List................................................................................................................................................. 79 The Trusted Group...................................................................................................................................... 93 Application Control ......................................................................................................................106 Using the Applications Tab..................................................................................................................... 107 Trusting System Processes....................................................................................................................... 109 Privacy Filters.................................................................................................................................115 Data Filter ................................................................................................................................................... 116 Banner Filter ............................................................................................................................................... 124 Cookie Manager......................................................................................................................................... 129 Cleaning Browser Files............................................................................................................................. 134 Surf Filter .................................................................................................................................................... 136 Monitoring ......................................................................................................................................140 Traffic........................................................................................................................................................... 140 The Intego NetBarrier X3 Monitor Screen Saver ................................................................................. 158 Network ...................................................................................................................................................... 161 Whois ........................................................................................................................................................... 166 Traceroute ................................................................................................................................................... 167 NetUpdate .......................................................................................................................................169 Intego NetBarrier X3 User's Manual Page 4 6—Preferences and Configurations............................................................................170 Intego NetBarrier X3 Preferences ..............................................................................................171 Interface....................................................................................................................................................... 172 Modem ........................................................................................................................................................ 173 Log Export Preferences ............................................................................................................................ 174 Traffic Export Preferences........................................................................................................................ 179 Whois ........................................................................................................................................................... 183 About Intego NetBarrier X3 ........................................................................................................185 Configuration Sets ........................................................................................................................186 Selecting the Active Configuration Set.................................................................................................. 186 Adding Configuration Sets...................................................................................................................... 187 Deleting Configuration Sets .................................................................................................................... 188 Renaming Configuration Sets ................................................................................................................. 189 Exporting Settings ..................................................................................................................................... 190 Importing Settings..................................................................................................................................... 190 7—Customized Protection..........................................................................................191 Using Intego NetBarrier X3’s Customized Mode ..................................................................192 User-configurable Firewall Options ...................................................................................................... 193 Rule Order .................................................................................................................................................. 193 Creating Rules with the Assistant.............................................................................................194 Using Predefined Rule Sets ..................................................................................................................... 206 Creating Rules................................................................................................................................208 Sources......................................................................................................................................................... 212 Destinations................................................................................................................................................ 218 Services........................................................................................................................................................ 225 Interfaces ..................................................................................................................................................... 231 Deleting Rules ............................................................................................................................................ 235 Editing Rules .............................................................................................................................................. 235 Using the Stop Processing Function ...................................................................................................... 236 Using the Rule Contextual Menu........................................................................................................... 237 8—Technical Support ..................................................................................................240 9—Glossary..................................................................................................................242 Intego NetBarrier X3 User's Manual Page 5 Chapter 1 – About Intego NetBarrier X3 1- About Intego NetBarrier X3 Intego NetBarrier X3 User's Manual Page 6 Chapter 1 – About Intego NetBarrier X3 What is Intego NetBarrier X3? Intego NetBarrier X3 is the Internet security solution for Macintosh computers running Mac OS X. It offers thorough protection against intrusions coming across the Internet or a local network. Intego NetBarrier X3 protects your computer from intrusions by constantly filtering all the activity that enters and leaves through the Internet or a network. Intego NetBarrier X3 protects you from thieves, hackers and intruders, and warns you automatically if any suspicious activity occurs. Intego NetBarrier X3's Features Intego NetBarrier X3 has four lines of defense, to protect your computer and your data from intrusions and attacks. Personal Firewall Intego NetBarrier X3 contains a personal firewall that filters data as it enters and leaves your computer. A full set of basic filtering rules is used by default, and its Customized protection mode allows you to create your own rules, if you need to. Antivandal Intego NetBarrier X3's Antivandal is a powerful guardian for your computer. It watches over your computer's network activity, looking for signs of intrusion, and, if it detects anything, stops the intruder in their tracks and sends you an alert. The Antivandal has Intego NetBarrier X3 User's Manual Page 7 Chapter 1 – About Intego NetBarrier X3 another powerful function, the Stop List, that records the address of any intruder who attempts to get into your computer, and ensures that they cannot come back. Several options allow you to choose the type of protection you have on your computer. Alerts Intego NetBarrier X3 stops all incoming data that is considered hostile. It can display an alert dialogue, showing why the data was stopped, and asking you to allow or deny it. You can also select other alert options, such as having Intego NetBarrier X3 play a sound, put the host automatically in the Stop List or send an email message to the address(es) of your choice in the case of an alert. Stop List When an intruder is detected trying to break in to your computer, Intego NetBarrier X3 allows you to put them on the Stop List, where their network address will be saved, and if a computer with the same address tries to enter your computer again it will be automatically blocked. Trusted Group In some cases, computers you know—friends, not foes—will be blocked by Intego NetBarrier X3. These may be computers on your local network, blocked because they are sending pings to your computer, for example. Intego NetBarrier X3 allows you to put them in the Trusted Group, where they will be considered friends for as long as you want, ensuring that computers on your network have full access to your computer. Application Control Intego NetBarrier X3 lets you control Internet and network access by individual applications. Whenever an untrusted application tries to connect to the network, Intego NetBarrier X3 User's Manual Page 8 Chapter 1 – About Intego NetBarrier X3 Intego NetBarrier X3 can display an alert, informing you which application is making the connection. If you want to allow that application to access the network—if it truly is an application you know should be using the network—then you can do so. But if an application tries to connect surreptitiously, you can block it permanently. Data Filter Intego NetBarrier X3 has a unique function that protects you and your information: its Data Filter ensures that any sensitive information you choose to protect cannot leave your computer and go onto a network. You decide what to protect, such as your credit card number, passwords, or key words that appear in sensitive documents, and Intego NetBarrier X3's Data Filter checks each outgoing packet to make sure that no documents containing this information are sent. Not only does this protect you from accidentally sending documents containing this information, it also prevents anyone who has network access to your computer from taking copies of them. Intego NetBarrier X3's Privacy Protection Intego NetBarrier X3 helps protect your privacy. It can block ad banners and lets you manage cookies, deleting them whenever you want. It can clean your browser's cache and history files. And it has a unique feature that hides information about your computer: its platform, which browser you are using, and the last web page you visited. Intego NetBarrier X3 User's Manual Page 9 Chapter 1 – About Intego NetBarrier X3 Monitoring Intego NetBarrier X3 contains powerful tools for monitoring your network activity and usage. Its activity gauges show your network traffic in real time, and its additional monitoring functions give you essential information on your computer, its network, and the services and connections that are active. Intego NetBarrier X3 even offers a monitoring screen saver, so you can always keep on eye on your network traffic. Intego NetBarrier X3 User's Manual Page 10 Chapter 1 – About Intego NetBarrier X3 Using this User’s Manual You are a: • Home user, connected to the Internet If this is your situation, you should read chapter 2, Introduction to Computer Security, and then go on to chapter 3, Installation, and chapter 4, Quick Start. If you feel you have learned enough, you can stop there—Intego NetBarrier X3 is configured to automatically protect your computer from intruders. If you want to know more, go on and read chapter 5, The Four Lines of Defense. • Business or Academic user, connected to a local network and the Internet If you are connected to a local network, you will want to read the above as well. Intego NetBarrier X3's basic protection modes will probably be sufficient for you. • Advanced user, using your computer as a server, or administering a network The entire manual concerns your situation, but you will especially want to read chapter 7, Customized Protection, to find out how to create your own rules. There is a glossary at the end of the manual that defines the specific terms used. Intego NetBarrier X3 User's Manual Page 11 Chapter 2 – Introduction to Computer Security 2—Introduction to Computer Security Intego NetBarrier X3 User's Manual Page 12 Chapter 2 – Introduction to Computer Security Why You Need to be Protected Whether you use your computer for work or just for surfing the Internet, whether you are on-line all day long, or just occasionally, whether you are on a local network in a home office, or part of a large corporation or educational institution, your computer contains sensitive information. This may be anything from your credit card numbers to your bank account information, contracts with customers or employees, confidential projects or e-mail messages and passwords. No matter what you have on your computer that is for your eyes only, there is somebody out there who would certainly find it interesting. The more you use your computer for daily activities, whether personal or professional, the more information it holds that should be protected. Think of your computer as a house. You certainly lock your doors and windows when you go out, but do you protect your computer in the same way? As long as you are connected to a network, there is a way for wily hackers or computer criminals to get into it—unless you protect it with Intego NetBarrier X3. When your computer is connected to a network, whether it be a private, local network, or the Internet, it is like a house on a street, with doors and windows. Intego NetBarrier X3 works like a lock, to protect those doors and windows. You never know who is watching when you are connected to a web site. Maybe that gaming site, with the cheats you were looking for, has a cracker behind it, who wants to snoop on your computer, to see if he can find anything interesting. Or perhaps that stock market information site, where you went to get company results, has a curious hacker watching who connects, and who enjoys messing up people's computers just for fun. Intego NetBarrier X3 User's Manual Page 13 Chapter 2 – Introduction to Computer Security Without Intego NetBarrier X3, you may never know if anyone is trying to get into your computer. A computer is only as secure as the people who have access to it. Intego NetBarrier X3 protects your computer by preventing unauthorized network access to your computer, and by protecting against unauthorized export of private information. How Can a Computer be Totally Safe? It has been said that the only truly secure computer is one that is switched off and unplugged, locked in a titanium-lined safe, buried in a concrete bunker, and surrounded by nerve gas and very highly-paid armed guards. Obviously, this is not practical—if you have a computer, you want to be able to use it. But Intego NetBarrier X3 provides a level of protection that goes far beyond what most users need, and its customizable rules make it a powerful tool for system and network administrators, allowing them to adapt the protection to their specific needs. What Is a Firewall? A firewall is, as its name suggests, like a wall. It protects your computer or network by separating users into two groups—those inside the wall, and those outside. It is configured to determine what access outsiders have to computers inside the wall, and what access insiders have to computers and networks on the other side of the wall. A firewall is a kind of filter that acts between your computer, or network, and a wide area network such as the Internet. It functions by filtering packets of data, and examining where they come from and where they are going. Intego NetBarrier X3 User's Manual Page 14 Chapter 2 – Introduction to Computer Security Intego NetBarrier X3 allows advanced users to configure specific rules, to protect against foes that wish to infiltrate your computer. Friend or Foe? Every wall has to have a gate so people can get in and out. Intego NetBarrier X3's Antivandal acts as a filter, or a guard standing at the gate in the wall, checking all incoming and outgoing data for signs of hackers, crackers, vandals, spies, intruders and thieves. This can be done because there are many "standard" ways to enter an unprotected computer, and Intego NetBarrier X3 knows these methods. What You Risk Why People Break into Computers People break into computers for many reasons. Sometimes this is done just to get into more systems; by hopping between many computers before breaking into a new one, crackers hope to confuse any possible pursuers and put them off the scent. There is an advantage to be gained in breaking into as many different sites as possible, in order to "launder" your connections. Another reason is that some people simply love to play with computers and stretch them to the limits of their capabilities. This is a bit like people who write graffiti on walls—they just want to do it because it’s there. But the more serious invaders are real criminals. These may be competitors, looking for information on your company's activities, projects or customers; thieves, looking for Intego NetBarrier X3 User's Manual Page 15 Chapter 2 – Introduction to Computer Security passwords and credit card numbers; or simply spies. While most companies have computer security policies, few of them think of protecting data on their employees' home computers—but these computers often have sensitive documents that employees have brought home from work. Unfortunately, we live in a world where anything of value is a target for thieves. Since today's economy is built around information, it is obvious that information has become the latest target. Here's a simple example: last year, on Mother's Day, you sent your mother, or maybe your wife, some flowers. You ordered by fax, because you don't trust sending your credit card number over the web. But the document that you typed, containing your credit card number, is still on your hard disk. If someone found it, they would have your credit card number, and you might become a victim of fraud. The Different Types of Attacks and Intrusions Possible There are many reasons why people attempt to obtain entry into other people's computers, and many ways to do so. Here are some of them: • Stealing confidential documents or information. • Executing commands on your computer that modify the system, erase your hard disk, or disable your computer. • Hacking web sites, by replacing pages with different text and graphics. • Launching denial-of-service attacks that can render your computer temporarily unusable. • Getting information about your computer, that will allow someone to break into your network, or your computer, at a later time. Intego NetBarrier X3 User's Manual Page 16 Chapter 2 – Introduction to Computer Security Privacy Protection One thing you don't notice when you surf the Internet is how much personal information different web sites try to get from you. You can clearly see the ones that openly ask you to register to use them; you enter a user name and a password, and sometimes your name, address, and other information as well. This information is often used to trace your behavior, to find what your interests are, and to market products and services to you. More and more Internet users refuse to give web sites this kind of information. Sometimes you learn the hard way: you register at a web site, and end up getting spam, e-mail about things you never requested. By then, it's usually too late. But web sites have other ways of getting information about you and your behavior. Did you know that your browser sends information to web sites telling which operating system you are using, which browser you are surfing with, and even the last web page you visited? Then there are cookies. A cookie is a file on your hard disk, which contains information sent by a web server to a web browser and then sent back by the browser each time it accesses that server. Typically, this is used to authenticate or identify a registered user of a web site without requiring them to sign in again every time they access that site. Other uses are maintaining a "shopping basket" of goods you have selected to purchase during a session at a site, site personalization (presenting different pages to different users), or tracking a particular user's access to a site. While cookies can have legitimate uses, as we have seen above, unscrupulous web sites use them to collect data on your surfing habits. They sell this data to companies that will then target you specifically for products and services that correspond to these habits, or even ensure that when you surf on certain sites, you see ad banners that match these habits. Intego NetBarrier X3 User's Manual Page 17 Chapter 2 – Introduction to Computer Security Intego NetBarrier X3's approach to privacy is simple: it provides you with the means to prevent certain information from being recorded without your knowledge. Intego NetBarrier X3 User's Manual Page 18 Chapter 3 – Installation 3—Installation Intego NetBarrier X3 User's Manual Page 19 Chapter 3 – Installation System Requirements • Any officially-supported Mac OS X compatible computer • Mac OS X 10.1.1 or higher, or Mac OS X Server 10.1.1 or higher • 25 MB free hard disk space • Minimum screen resolution 800 x 600 Installing Intego NetBarrier X3 Installing Intego NetBarrier X3 is very simple. Insert the Intego NetBarrier X3 CD-ROM in your computer's CD-ROM drive. (If you have purchased Intego NetBarrier X3 by download, you will have a disk image file, called Intego NetBarrier X3.dmg. Double-click this file to open the disk image, which will mount on the desktop.) A window opens, containing a series of folders, one for each language. Double-click the folder for your language, and you'll see the Intego NetBarrier X3 installer, the Read me file, and the Intego NetBarrier X3 manual (this file). First, read the Read me file, for any late-breaking changes. Then, double-click the Intego NetBarrier X3 installer. Intego NetBarrier X3 User's Manual Page 20 Chapter 3 – Installation You will see a window informing you that you must enter an administrator’s password to install Intego NetBarrier X3. Enter your password in the dialog that is displays or click the lock to enter your password (OS X 10.1). Enter your password, then click OK. The following window displays: Click Continue to proceed with installation. The Intego software license displays. Click Continue, then click Agree if you accept this license; if not, click Disagree, and the installer will quit. Intego NetBarrier X3 User's Manual Page 21 Chapter 3 – Installation The next window shows all the available disks or volumes on your computer. Select the disk or volume where you want to install Intego NetBarrier X3, then click Continue. Click Install to install Intego NetBarrier X3. This performs a basic installation. If you wish to perform a custom installation, click Customize. The following window displays: This window lets you choose which items will be installed. As you can see, the Common Intego Services check box is grayed out, because this must be installed. You have the choice of installing either Intego NetBarrier X3, NetUpdate or both. After installation, you will have to restart your computer. Intego NetBarrier X3 User's Manual Page 22 Chapter 3 – Installation Registering Intego NetBarrier X3 When you restart your computer, open Intego NetBarrier X3—it is found in your Applications folder. Intego NetBarrier X3 will open its Registration program, and display the following window: Since Mac OS X is a multi-user operating system, not all users have the same privileges. When starting up Intego NetBarrier X3 for the first time, any user can enter the serial number, but only a user with administrator privileges can configure the program. You must enter your name, company, if any, and your serial number. The serial number is found on a sticker on the Intego NetBarrier X3 CD. When registration is completed, Intego NetBarrier X3 will open, and, if you are an administrator, you can configure the program. Intego NetBarrier X3 User's Manual Page 23 Chapter 3 – Installation Using Intego NetBarrier X3 in Evaluation Mode Intego NetBarrier X3 offers an evaluation mode, to allow you to discover how it works before purchasing the program. To use Intego NetBarrier X3 in evaluation mode, click Cancel when the registration screen displays. Intego NetBarrier X3 then displays a screen asking if you want to run the program in Evaluation mode. If you do, click Evaluation mode; if not, click Cancel. When Intego NetBarrier X3 runs in evaluation mode, it functions for 30 days. At the end of this period, you can either purchase a license for Intego NetBarrier X3 or delete the program. Intego NetBarrier X3 User's Manual Page 24 Chapter 3 – Installation You can find out how much time is left in your evaluation session by choosing About Intego NetBarrier X3 from the Intego NetBarrier X3 menu. The About screen tells you that the program is in evaluation mode, and shows the time remaining in evaluation mode. If you wish to purchase a license for Intego NetBarrier X3, click the Buy Now... button on the about window to go to the Intego web site. Intego NetBarrier X3 User's Manual Page 25 Chapter 4 – Quick Start 4—Quick Start Intego NetBarrier X3 User's Manual Page 26 Chapter 4 – Quick Start Intego NetBarrier X3's Setup Assistant When you first open Intego NetBarrier X3, the program's Setup Assistant launches to help you quickly and easily adjust Intego NetBarrier X3's basic settings so they are adapted to your network usage. Intego NetBarrier X3 User's Manual Page 27 Chapter 4 – Quick Start The Intego NetBarrier X3 Setup Assistant walks you through a series of steps to configure the program: • Computer Info • Services • Connection • Cable Connection • Alert Notification • E-mail Info • Conclusion Click the right arrow to begin configuring Intego NetBarrier X3. You can click the left arrow at any time to return to previous screens. Or click Skip to start Intego NetBarrier X3 without using the Setup Assistant. Intego NetBarrier X3 User's Manual Page 28 Chapter 4 – Quick Start Computer Info This screen asks you some questions about how you use your Macintosh. Choose the profile that best fits your usage. Click the right arrow to go to the next screen. Intego NetBarrier X3 User's Manual Page 29 Chapter 4 – Quick Start Services This screen asks whether your Macintosh is running a web server. If you have enabled Personal Web Sharing in the Sharing System Preferences pane, click Yes. If not, click No. Click the right arrow to go to the next screen. Intego NetBarrier X3 User's Manual Page 30 Chapter 4 – Quick Start Connection This screen asks you how your Macintosh is connected to the Internet. Choose the appropriate connection method. Click the right arrow to go to the next screen. Intego NetBarrier X3 User's Manual Page 31 Chapter 4 – Quick Start Cable Connection If you checked Cable on the previous screen, the Cable Connection screen displays. This screen asks if you have a limit on data uploads. If you have a limit on your data uploads, and wish to have Intego NetBarrier X3 notify you when you reach this limit, check Yes, notify me, and enter your monthly limit in the field. Click the right arrow to go to the next screen. Intego NetBarrier X3 User's Manual Page 32 Chapter 4 – Quick Start Alert Notification This screen asks you how you want Intego NetBarrier X3 to react when it detects an intrusion or attack. Choose the action you want Intego NetBarrier X3 to take from the choices proposed. Click the right arrow to go to the next screen. Intego NetBarrier X3 User's Manual Page 33 Chapter 4 – Quick Start Mail Info If you checked Send an e-mail on the previous screen, this screen asks you to enter e-mail information so Intego NetBarrier X3 can send e-mail alerts. Enter your e-mail address and mail server in the appropriate fields. Click the right arrow to go to the next screen. Intego NetBarrier X3 User's Manual Page 34 Chapter 4 – Quick Start Conclusion This final screen configures Intego NetBarrier X3 according to your choices. Click Configure to configure Intego NetBarrier X3 and exit the assistant. Click the left arrow to return to any of the previous screens to make changes. Intego NetBarrier X3 User's Manual Page 35 Chapter 4 – Quick Start Using Intego NetBarrier X3 After you have configured Intego NetBarrier X3 with the Setup Assistant, Intego NetBarrier X3 opens and displays its Overview screen. Using the Intego NetBarrier X3 Overview Screen When you open Intego NetBarrier X3, the program displays its Overview screen (see above). This screen gives you quick access to Intego NetBarrier X3's functions and a summary of all its settings. The Overview screen lets you check on Intego NetBarrier X3 in a glance. Each section of the Overview screen shows information corresponding to one of the four lines of defense. Intego NetBarrier X3 User's Manual Page 36 Chapter 4 – Quick Start The Firewall section of the Overview screen gives you information about Firewall, Log and Trojan settings. The Antivandal section of the Overview screen gives you information about Alerts, the Stop List, the Trusted Group and Application blocking. The Privacy section of the Overview screen gives you information about Data, Banner, Cookie and Surf filters, and tells you the last time you cleaned out your cache files and histor files. The Monitoring section of the Overview screen gives you information about Incoming and Outgoing traffic. Intego NetBarrier X3 User's Manual Page 37 Chapter 4 – Quick Start In addition, two other buttons give you access to other features of Intego NetBarrier X3: The NetUpdate section of the Overview screen gives you information about the version of Intego NetBarrier X3 you have installed, the last time you checked for an update and the available version. You can return to the Overview screen at any time, no matter which screen is open, by clicking the Overview button. The Overview screen also provides one-click access to all of Intego NetBarrier X3's windows and tabs. As you move your cursor over the white text labels, you'll notice that these labels become underlined. Just click one of these labels to go directly to its window or tab. Click any of the buttons on the left of the window to return to those windows, or click the Overview button to return to the Overview screen. Intego NetBarrier X3 User's Manual Page 38 Chapter 4 – Quick Start Resizing Intego NetBarrier X3 Windows With the exception of the Overview window, all of Intego NetBarrier X3's windows are resizable. To change the size of a window, click the lower-right corner of the window and drag it to the size you want. You can decrease the size of any window by dragging to make it smaller. Intego NetBarrier X3 User's Manual Page 39 Chapter 4 – Quick Start Using the NetBarrier X3 Menu Intego NetBarrier X3 installs a menu in your menu bar, offering you quick access to many of the program's functions. (You can turn off this menu in the Intego NetBarrier X3 preferences; see Chapter 6, Preferences and Configurations, for more.) Click the Intego NetBarrier X3 icon in the menu bar to display the menu. Intego NetBarrier X3 User's Manual Page 40 Chapter 4 – Quick Start You can set the active firewall mode from this menu by selecting one of the six possibilities. When you do this, the menu bar icon changes to show which firewall mode is active. No Restrictions No Network Client, Local Server Server Only Client Only Customized You can also turn on or off certain functions of Intego NetBarrier X3 by selecting them from the menu. A check mark in the menu shows that the function is on. For example, to turn on the Banner Filter, select that item in the menu. It will display a check showing it is active. You can also select configurations from the Intego NetBarrier X3 menu. See Chapter 6, Preferences and Configurations, for more on creating and using configurations. And you can open Intego NetBarrier X3 from this menu by selecting Open Intego NetBarrier X3... Intego NetBarrier X3 User's Manual Page 41 Chapter 4 – Quick Start Intego NetBarrier X3 Password Protection Intego NetBarrier X3 uses built-in Mac OS X password protection. In order to install and configure the program, the user must have administrator’s rights, and log in with an administrator’s name and password. Other users, who do not have administrator’s rights, cannot change any of Intego NetBarrier X3’s settings or preferences. These users can view such things as logs and traffic gauges, but this protection ensures that unauthorized users cannot make changes to the program’s operation. Getting Help You can get help on some of Intego NetBarrier X3’s functions by holding your cursor over certain texts and zones: A Tool Tip displays explaining the various functions and features. You can also get help in this manual, or by checking the Intego web site: www.intego.com. Intego NetBarrier X3 User's Manual Page 42 Chapter 5 — The 4 Lines of Defense 5—The 4 Lines of Defense Intego NetBarrier X3 User's Manual Page 43 Chapter 5 — The 4 Lines of Defense Intego NetBarrier X3 is a powerful, easy-to-use program that protects your computer when connected to a network. It offers four lines of defense to protect your computer from intrusions and attacks. Firewall Intego NetBarrier X3 contains a personal firewall. This is a powerful program that filters all the data packets that enter or leave your computer, to or from the Internet or a local TCP/IP network, to allow or prevent data going to and coming from specific sources and destinations. It also protects you from Trojan Horses by blocking the ports they use. To view the Firewall screen, click the Firewall button on the left of the main interface. The Firewall screen displays, with its three tabs: General, Log and Trojans. Intego NetBarrier X3 User's Manual Page 44 Chapter 5 — The 4 Lines of Defense Firewall settings Intego NetBarrier X3's Firewall has 6 different settings that correspond to the way you use your computer. The first five settings, which use preprogrammed rules, cover all the situations that you will encounter in normal use. The last setting, Customized, allows you to design your own rules, to precisely control access to and from your computer. No restrictions In this mode, there are no restrictions, and Intego NetBarrier X3's Firewall allows all incoming and outgoing network data to be sent and received. If you select this setting, it is as if the Firewall were turned off. No network In this mode, Intego NetBarrier X3's Firewall prevents all data from entering or leaving your computer to or from the Internet or a local TCP/IP network. This is useful if you are away from your computer and wish to protect it totally. Client, local server In this mode, Intego NetBarrier X3's Firewall protects your computer when it is functioning as a client and local network server. Activity between your computer and the Internet is available, as a client, and you can be both client and server on a local network. Intego NetBarrier X3 User's Manual Page 45 Chapter 5 — The 4 Lines of Defense Server only In this mode, Intego NetBarrier X3's Firewall protects your computer when it is functioning only as a server. The client functions of your computer are blocked. Client only In this mode, Intego NetBarrier X3's Firewall protects your computer when it is functioning only as a client on a local network, or when you are connected to the Internet. The server functions of your computer are blocked. Customized This setting gives you access to Intego NetBarrier X3's most powerful features, by allowing you to create your own custom Firewall rules. But, since this setting gives access to such powerful possibilities for creating rules, it should only be used by experienced network administrators. For more on Customized mode, see chapter 7, Customized Protection. Intego NetBarrier X3 User's Manual Page 46 Chapter 5 — The 4 Lines of Defense The Log How the Log Works The Log shows a record of all the activity where Intego NetBarrier X3 has acted. It lists each time that there has been an incident, the address of the intruder, and the kind of incident recorded. Intego NetBarrier X3 User's Manual Page 47 Chapter 5 — The 4 Lines of Defense Selecting What to Display in the Log You can choose what type of information is displayed in the Log. Checking any of the following check boxes will display related activity. If any of them are unchecked, their activity will not be displayed. General This is general Intego NetBarrier X3 activity, such as Intego NetBarrier X3 startup and alerts. Firewall Intego NetBarrier X3 logs all firewall activity, when rules are applied, if logging has been activated in the rules. Networking Intego NetBarrier X3 logs all connections to networks or the Internet, and when IP addresses in the Stop List attempt to connect to your computer. Intego NetBarrier X3 User's Manual Page 48 Chapter 5 — The 4 Lines of Defense Domain Name Resolution Intego NetBarrier X3 helps you track down intruders by resolving domain names of your connections. Internet addresses exist in two forms: numbers, such as 255.255.0.0, and names, such as intego.com. The correspondence between the two is recorded in domain name servers all across the Internet. When Name Resolution is checked in the Log panel, Intego NetBarrier X3 will attempt to find the names for each of the Internet addresses shown in the log. If found, these domains will then be displayed in their name form, rather than as numbers. Note: Intego NetBarrier X3 is not always able to resolve the names of some Internet addresses, since not all such addresses have name equivalents. Intego NetBarrier X3 User's Manual Page 49 Chapter 5 — The 4 Lines of Defense Expert Mode If you choose to display the log in Expert Mode, Intego NetBarrier X3 displays additional columns in the log. These columns are Source, Protocol, Source Port, Destination Port, Flags and Interface. Pausing the Log If you have many connections entering and leaving your computer, you may find it difficult to follow the log as it displays. To help you view the log, click the Pause button. The log display stops but the log keeps recording data. Click the Pause button again to resume realtime display. Intego NetBarrier X3 User's Manual Page 50 Chapter 5 — The 4 Lines of Defense Changing the Log Display You can sort the Log by any of its columns by clicking on the header just above the column. You can also sort it in ascending or descending order by clicking the sort button, the small triangle in the selected sort column header. You can drag any of the columns to change their order. To do this, click one of the column headers and drag it where you want, then release your mouse button. You can change the width of any of the Log's columns. To do this, move the cursor to the line between two columns. The cursor will change, showing that you can move this Intego NetBarrier X3 User's Manual Page 51 Chapter 5 — The 4 Lines of Defense boundary. Click the cursor and drag in either direction to make a column wider or narrower. You can expand the list display by clicking the zoom box on the right side of the list. The list will expand, covering the area above it, giving you a display with more lines. To reduce the list display, click the zoom box again. It will return to its normal size. Intego NetBarrier X3 User's Manual Page 52 Chapter 5 — The 4 Lines of Defense Understanding the Log Each Log entry contains 4 different items: Icons The Green icon indicates General activity. The Yellow icon indicates Firewall activity. The Red icon indicates Network activity. Date & Time This is the date and time of the incident. Network Address This is the originating IP address of the incident. If you have checked Name resolution, you will see the domain names for those addresses that Intego NetBarrier X3 was able to resolve. Kind This is the kind of incident reported. When the Log displays its contents in Expert mode, it shows additional columns: Protocol This is TCP, UDP, ICMP or IGMP. Src Port The source port, or the port by which the data is sent. Intego NetBarrier X3 User's Manual Page 53 Chapter 5 — The 4 Lines of Defense Dest Port The destination port, or the port to which the data is sent. Flags This displays the following TCP flags: A (acknowledge), S (synchronize sequence number), F (end of data), or R (reset). Interface This is the network interface used to send the data. If you have more than one network interface (such as an Ethernet card and an AirPort card) this specifies the interface. If you only have one interface this column always displays the same information. Clearing the Log To clear the Log, and erase all information stored in the Log, click Clear...; a dialog displays asking if you really want to clear the Log. Click Clear to clear the Log, or click Cancel to cancel the operation. Intego NetBarrier X3 User's Manual Page 54 Chapter 5 — The 4 Lines of Defense Selecting Log Data You can select log data to copy, and paste into another program or to drag into another window. You can make multiple selections in the Log window. To do this, select one item, hold down the Shift key, and select another item a few lines away. All the lines between the beginning and the end of your selection will be highlighted. To make a non-contiguous selection, hold down the Command key and select several non-contiguous lines. After you have selected log data, you can copy it, if you wish to paste it into another application, or drag and drop it into another application's window, or on the desktop. Intego NetBarrier X3 User's Manual Page 55 Chapter 5 — The 4 Lines of Defense Log Window Contextual Menu If you hold down the control key and click any Log entry a contextual menu displays. This menu allows you to do the following: Copy to Clipboard If you select Copy to Clipboard from the contextual menu, the content of this line will be copied to the clipboard. You can then paste it into any application or document. Add to Trusted Group If you select Add to Trusted Group from the contextual menu, the IP address will be added to the Trusted Group. For more on the Trusted Group, see the Trusted Group section later in this chapter. Intego NetBarrier X3 User's Manual Page 56 Chapter 5 — The 4 Lines of Defense Add to Stop List If you select Add to Stop List from the contextual menu, the IP address will be added to the Stop List. For more on the Stop List, see the Stop List section later in this chapter. Find Domain Info If you select Find Domain Info from the contextual menu, Intego NetBarrier X3 will switch to the Whois tab and look up the domain name or IP address using its Whois function. For more on Whois, see the Whois section later in this chapter. Find Route If you select Find Route from the contextual menu, Intego NetBarrier X3 will switch to the Traceroute tab and look up the route between your computer and the IP address in the log. Intego NetBarrier X3 User's Manual Page 57 Chapter 5 — The 4 Lines of Defense Exporting the Log You can export log data in several formats. When doing a manual export, only the data displayed is exported—if you have only checked, say, Firewall in the Log panel, only Firewall data will be exported. (You can also have the Log data exported automatically. For more on this, see chapter 6, Log Export Preferences.) To export Log data, click the Export... button. A dialog will prompt you to save the file; you may change its name if you wish. Choose where you wish to save it—by default, all export files are saved to the current user’s Documents folder. Logs can be exported in six formats. Click the Format popup menu to select the export format. You can choose from the following formats: Expert HTML This is the log in HTML format with additional columns. It shows that same information as the log when in Expert mode. Intego NetBarrier X3 User's Manual Page 58 Chapter 5 — The 4 Lines of Defense Expert Text This is the log in text format with additional columns. It shows that same information as the log when in Expert mode, and has tabs separating the columns, which can be easily imported into a spreadsheet. HTML This is the log in HTML, which is readable by any web browser, and is presented in table form. Analytic This is similar to Expert Text format, without tab separators, but with labels in front of some fields. Text This is the log in text format, which can be read by any word processor. Who's there? This format saves the log as a text file, with the following information: DATE: The date of the connection. TIME: The time of the connection. RESULT: The result of the connection. HOSTNAME: The host IP address. SERVER_PORT: The server port used for the connection. METHOD: The type of connection; TCP or UDP. Click Save. You will now have a copy of your log that you can open with any word processor (text), spreadsheet (text) or web browser (HTML). Intego NetBarrier X3 User's Manual Page 59 Chapter 5 — The 4 Lines of Defense Displaying the Log Window The Log window can be displayed alone, without the rest of Intego NetBarrier X3’s interface. To do this, select Show Log Window from the Window menu. This displays the Log in a new window that you can resize, to make it easier to view long logs. You can also display the Log window at any time by pressing Command+Option+L. Intego NetBarrier X3 User's Manual Page 60 Chapter 5 — The 4 Lines of Defense Using the Log Window Toolbar When you display the log window, Intego NetBarrier X3 offers you additional tools in the log window toolbar. These tools let you filter log data, and print, export and clear the log. To see this toolbar, select View > Show Toolbar. To hide the toolbar, select View > Hide Toolbar. Printing the Log To print the entire log, click the Print button in the log window toolbar. This displays a standard print dialog where you can choose printing options according to the type of printer you have. Intego NetBarrier X3 User's Manual Page 61 Chapter 5 — The 4 Lines of Defense Exporting the Log To export the entire log, click the Export button in the log window toolbar. This lets you export the log in any of six formats. For more on these formats, see Exporting the Log above. Clearing the Log To clear the Log, and erase all information stored in the Log, click the Clear button in the log window toolbar. A dialog displays asking if you really want to clear the Log. Click Clear to clear the Log, or click Cancel to cancel the operation. Filtering Data in the Log Window The log window toolbar contains a search field that lets you filter data in the log window according to several criteria, displaying only those entries that contain the selected criteria. You can search for log entries by any of the following criteria: • Source address • Destination address • Source port • Destination port • Interface • Protocol Intego NetBarrier X3 User's Manual Page 62 Chapter 5 — The 4 Lines of Defense To search for log data containing any of these criteria, click the disclosure triangle next to the Search icon. Select the criteria you want to search for, then enter a search string in the Search field. You don't need to enter the entire string; the display is dynamic, and automatically narrows down the log data as you enter characters in the search field. Intego NetBarrier X3 User's Manual Page 63 Chapter 5 — The 4 Lines of Defense In the example below, entering 195 in the search field sorts the log data so only those lines with 195 in the destination address display. This dynamic filtering only works from the beginning of an entry; entering 166 would not produce the display in the example above. To clear the search field and begin a new search, click the Clear button in the search field. Intego NetBarrier X3 User's Manual Page 64 Chapter 5 — The 4 Lines of Defense Trojan Horse Protection Trojan Horses are applications that are surreptitiously installed on your computer, either by virus-laden attachments you receive with e-mail messages, or by other programs, which may be shareware or freeware programs. In some cases, programs install a specific type of Trojan Horse, known as spyware, which sends personal information to a server. Since the connection is made from your computer, it is generally trusted; but Intego NetBarrier X3 knows how to spot the actions of the most common Trojan Horses and block them in their tracks. There have been cases where such programs have sent information on users’ browsing habits to a central server; other Trojan Horses open backdoors in your computer that allow hackers to take control of it or delete files. Intego NetBarrier X3 User's Manual Page 65 Chapter 5 — The 4 Lines of Defense To turn on Trojan Horse protection, click the On button, then click the names of the Trojans to select them. To find out what the different Trojans do, and how they act, click one of their names. The Info section, to the right, displays a brief description of the Trojan and its activity, and also tells which port(s) the Trojan uses. If you are having network problems with specific ports, try and uncheck the protection against Trojans that use these ports. You can also enable Trojan blocking for an individual Trojan horse, or for all Trojan horses, by holding down the Control key on your keyboard and clicking on the name of a Trojan. A contextual menu displays. Select Enable to enable protection for the selected Trojan horse, or select Enable All to enable protection for all Trojan horses. You can disable protection for individual Trojan horses or all Trojan horses in the same manner. Intego NetBarrier X3 User's Manual Page 66 Chapter 5 — The 4 Lines of Defense Antivandal Intego NetBarrier X3's Antivandal watches over all the data entering your computer, and filters it, looking for signs of intrusion. This filtering is transparent—the only time Intego NetBarrier X3 will show itself is if suspicious data is detected. If this occurs, an alert displays. Otherwise, Antivandal silently monitors your computer's network activity at all times. Intego NetBarrier X3 User's Manual Page 67 Chapter 5 — The 4 Lines of Defense Options The Antivandal panel has several options that affect Intego NetBarrier X3's anti-intrusion protection. Stop unknown protocols If this is checked, any unknown protocols are automatically blocked. Protect against ping attacks If this is checked, hostile pings are automatically blocked. Pings are accepted, but if the number or frequency of pings exceeds Intego NetBarrier X3's limits, they are blocked. Protect against port scans If this is checked, port scanning is automatically blocked. You may want to leave this unchecked if your computer is functioning as a server. Protect against SYN flooding If this is checked, the number of connections is automatically limited. This prevents connection flood denial of service attacks. Intego NetBarrier X3 User's Manual Page 68 Chapter 5 — The 4 Lines of Defense Deny Apple Remote Desktop Control If this is checked, Intego NetBarrier X3 blocks all requests to use Apple Remote Desktop software. Protect against intrusion attempts If this is checked, Intego NetBarrier X3 displays an alert if three incorrect password requests are sent to your machine, in an attempt to connect to it, in a given period of time. This applies to connection attempts to Web Sharing, File Sharing or FTP. Stealth mode (prohibit ping replies) If this is checked, your computer will be invisible to other computers on the Internet or on a local network. You will not, however, be anonymous—any requests you send to other hosts will include your computer's IP address. Allow PORT mode FTP transfers If this is checked, you will be able to make FTP transfers when functioning in Client only Firewall mode. Detect IIS Attacks If this is checked, Intego NetBarrier X3 detects CodeRed and nimda requests sent to your computer if it is configured as a web server, or if you have a server expecting calls to HTTP ports. This protects you from denial of service attacks. Intego NetBarrier X3 User's Manual Page 69 Chapter 5 — The 4 Lines of Defense Setting Ping Flooding Sensitivity You can adjust the sensitivity of Intego NetBarrier X3's ping flooding protection. If your computer is on a network, it is normal that your network administrator ping your computer from time to time. However, if your computer is isolated, it is rare that it be pinged. One exception is if you have a cable connection; your ISP might ping your computer to check if it is on-line. To adjust the ping flooding sensitivity, click one of the bars. The bar will be colored green, yellow or red, indicating the level of protection. If you are on a network and get too many alerts, you should lower the ping flooding sensitivity. Intego NetBarrier X3 User's Manual Page 70 Chapter 5 — The 4 Lines of Defense Setting SYN Flooding Sensitivity You can adjust the sensitivity of Intego NetBarrier X3's SYN flooding protection. To adjust the SYN flooding sensitivity, click one of the bars. The bar will be colored green, yellow or red, indicating the level of protection. If your computer functions as a server, and you get too many alerts, you should lower the SYN flooding sensitivity. Intego NetBarrier X3 User's Manual Page 71 Chapter 5 — The 4 Lines of Defense Setting Port Scan Sensitivity You can adjust the sensitivity of Intego NetBarrier X3's port scan protection. To adjust the port scan sensitivity, click one of the bars. The bar will be colored green, yellow or red, indicating the level of protection. If you are on a network and get too many alerts, you should lower the port scan sensitivity. Intego NetBarrier X3 User's Manual Page 72 Chapter 5 — The 4 Lines of Defense Alerts Understanding Alerts Intego NetBarrier X3 constantly monitors all of your computer's network activity, whether it is to the Internet or a local network. It is pre-configured to look out for specific types of data that indicate an intrusion or attack. If any suspicious data is found, Intego NetBarrier X3 displays an alert, asking you whether you wish to allow the data to be sent or deny it. The following is an example of an alert. The top line shows the reason for the alert. Here, an Intrusion Attempt was detected. The host, 10.0.1.201, shown by its IP address, tried to attack this computer with a ping flood. Two buttons on the right allow you to decide what action to take for this alert. If you click the More Info… arrow at the bottom left, an information field is displayed, showing the cause of the alert. Intego NetBarrier X3 User's Manual Page 73 Chapter 5 — The 4 Lines of Defense By clicking on the DNS lookup button (the ? ), you can toggle from the numerical IP address to the actual domain name of the offender, if there is one. There are two ways you can respond to alerts: Stop List The default response to all alerts is Stop List. If you click this button, or press the Enter or Return key, the data being received will be refused and the intrusion will be blocked. When this happens, the packet is dropped, and it is as if the data was never received. If the suspicious packet is part of a file, this means that the file will not reach its destination. If it is a command, the command will not have a chance to be carried out, since it will not reach its target. If you click Stop List, the IP address that caused this alert to be displayed will be automatically added to the Stop List, and kept there for the default time that has been set. (See Stop List, chapter 5.) This time can, however, be changed in the Alerts screen by entering a new time in the time field, and changing the time unit in the popup menu. Ignore If you click this button, you will allow the data to be received. Data transmission will continue as usual, unless Intego NetBarrier X3 detects another attempted intrusion. In this case, another alert displays. Intego NetBarrier X3 User's Manual Page 74 Chapter 5 — The 4 Lines of Defense Attack Counter Intego NetBarrier X3 records the number of attacks it has protected you from and displays this number in a counter at the bottom of the Antivandal window. It also shows the type of attack it blocked last, and the date and time of the last attack. To reset this counter, click the Reset button next to the counter. Intego NetBarrier X3 User's Manual Page 75 Chapter 5 — The 4 Lines of Defense Alert Options The Alerts tab gives you several options as to how Intego NetBarrier X3 acts when an alert is triggered. Put the host in the Stop List for: If this is checked, the connection is automatically dropped when there is an alert, and the offending IP address is immediately placed in the Stop List. (See Stop List, chapter 5.) A field to the right of this button allows you to specify the default time period that the offending IP address will remain in the Stop List. You can choose any number of seconds, minutes, hours or days, or choose to have the intruder remain on the Stop List permanently. Intego NetBarrier X3 User's Manual Page 76 Chapter 5 — The 4 Lines of Defense Ask If this is checked, Intego NetBarrier X3 presents an Alert dialog asking what to do. It is up to you to decide how the Alert is then to be handled. This Alert dialog shows the Stop List time period selected in the Alert options by default, but this time can be changed in the Alerts screen. Bring dialog to the front If this is checked, the Intego NetBarrier X3 alert comes to the front automatically whenever there is an alert. If not, it remains in the background. If no action is taken for 90 seconds, the alert automatically closes, and the connection is denied. Speak the Alert Text If this is checked, Intego NetBarrier X3 uses Mac OS X Text-to-Speech to speak the text of the alert. Don't Ask when the Current User is not an Administrator If this is checked, Intego NetBarrier X3 does not ask if the current user is not an administrator, and automatically puts the offending host in the Stop List. Play sound to notify If this is checked, Intego NetBarrier X3 plays the sound of your choice whenever there is an alert. You can select the sound you wish to have played from the pop-up menu to the right of the button. Send e-mail If this is checked, Intego NetBarrier X3 automatically sends an e-mail message to the address entered in the text field, within 30 seconds. (Intego NetBarrier X3 waits to see if there are other intrusion attempts, rather than send an e-mail message each Intego NetBarrier X3 User's Manual Page 77 Chapter 5 — The 4 Lines of Defense time.) The e-mail address for the sender and recipient must be entered, as well as the outgoing mail server. You can send this e-mail message to multiple recipients. To do this, enter several e-mail addresses separated by commas. Intego NetBarrier X3 User's Manual Page 78 Chapter 5 — The 4 Lines of Defense The Stop List The Stop List is a powerful feature of Intego NetBarrier X3 that ensures that once an attempted attack or intrusion has been foiled, the originating machine is not allowed to send any data to your computer, and your computer is not allowed to connect to them either. The offender can be put on the Stop List for a limited time, or indefinitely. The default time that the offender remains on the Stop List can be set in the Alerts screen (see above). Intego NetBarrier X3 User's Manual Page 79 Chapter 5 — The 4 Lines of Defense Stop List information The Stop List panel displays information on the various IP addresses that are currently in the Stop List, if any. Intruder This is the IP address of the offender. Remaining time This is the time that the offending IP address is scheduled to remain in the Stop List. If a host has been entered permanently in the Stop List, a check box displays to the left of their IP address. You can uncheck this check box if you wish to temporarily allow the host to access your computer while still retaining them in the Stop List. To block the host again, check the check box. Intego NetBarrier X3 User's Manual Page 80 Chapter 5 — The 4 Lines of Defense Other Stop List information If you click once on an address in the Stop List, some additional information displays on the right side of the panel. Host At the top of this section is the IP address of the offender. By clicking the DNS lookup button (the ? ), you can toggle from the numerical IP address to the actual domain name of the offender, if there is one. You can display this address in large type by moving your cursor over the Host label until the label highlights, clicking, and selecting Large Type from the contextual menu. Reason A line of text tells you how the IP address was added to the Stop List (here, it was added because of a Ping Flood attack). Duration The Duration is the amount of time the host is to remain in the Stop List. The from: and to: sections tell you when the address was added to the Stop List, and Intego NetBarrier X3 User's Manual Page 81 Chapter 5 — The 4 Lines of Defense how long it will remain there. The progress bar shows how much of their time in the Stop List is left. You can change this duration by moving your cursor over the Duration label until the label highlights, clicking, selecting Extend or Shorten from the contextual menu, then selecting an amount of time to add or subtract to the current duration. Note The text field below the progress bar contains any comments you have entered in the Stop List for this IP address, or any comments added by Intego NetBarrier X3. See below to find out how to enter or add comments to a Stop List entry. Intego NetBarrier X3 User's Manual Page 82 Chapter 5 — The 4 Lines of Defense Changing the List Display You can sort the Stop List by any of its columns by clicking on the header just above the column. You can also sort it in ascending or descending direction by clicking on the sort button, the small triangle in the selected sort column header. You can drag any of the columns to change their order. To do this, click one of the column headers and drag it where you want, then release your mouse button. Intego NetBarrier X3 User's Manual Page 83 Chapter 5 — The 4 Lines of Defense Adding addresses to the Stop List There are three ways to add addresses to the Stop List. The first is by responding to an Alert. (See above, Alerts.) If an Alert displays, and you reply Stop List, the offending IP address is automatically added to the Stop List. The second is by selecting an IP address in the Log window and choosing Add to Stop List from the contextual menu. For more on this, see above, Log Window Contextual Menu. You can also manually add addresses to the Stop List. To do this, click Add... The Stop List Editor displays. Enter a host address in the Host field, and select the time this address is to remain in the Stop List by entering a number in the Duration field; select a time unit from the pop-up menu. If you do not know the numerical IP address of the host you wish to add, enter its name and click the ? button. Intego NetBarrier X3 queries your Internet provider’s DNS server, and enters the correct number in the field. You can also add comments, such as the Intego NetBarrier X3 User's Manual Page 84 Chapter 5 — The 4 Lines of Defense reason for adding the address to the Stop List, in the Comments field. If you decide you do not wish to add this address to the Stop List, click Cancel. Using Wildcards in the Stop List You can use wildcards to block ranges of IP addresses in the Stop List. To do this, enter the first part of the IP address you wish to block, followed by asterisks, in the following form: 192.*.*.* or 192.192.*.* or 192.192.192.* This will block all addresses containing the numbers you have entered, whatever their endings are. Intego NetBarrier X3 User's Manual Page 85 Chapter 5 — The 4 Lines of Defense Removing Addresses from the Stop List To remove an address from the Stop List, click the address you would like to remove, then click Remove. A dialog asks if you really want to remove the address; click Remove. The address is removed. If you decide you do not want to delete this address, click Cancel. You can select multiple contiguous addresses, by shift-clicking, or non-contiguous addresses, by command-clicking, and delete them all together. You can also remove an address from the Stop List by clicking the address while holding down the control key on your keyboard, then selecting Remove… from the contextual menu that is displayed. A dialog asks if you really want to remove the address; click OK. The address is removed. If you decide you do not want to delete this address, click Cancel. Intego NetBarrier X3 User's Manual Page 86 Chapter 5 — The 4 Lines of Defense Moving Addresses from the Stop List to the Trusted Group You may decide that you want to move an address from the Stop List to the Trusted Group. To do this, hold down the control key on your keyboard, then select Switch to Trusted Group from the contextual menu that is displayed. This moves the address to the Trusted Group. For more on using the Trusted Group, see below, The Trusted Group. Intego NetBarrier X3 User's Manual Page 87 Chapter 5 — The 4 Lines of Defense Editing an Address in the Stop List To edit an address in the Stop List, click the address you would like to edit, then click Edit… (You can also double-click the address, or click the address while holding down the control key on your keyboard, then select Edit…) The Stop List Editor displays, showing you the address, and you can change the address, add or change comments, or change the time you want it to remain on the Stop List. To confirm your changes, click OK, or to leave the address and other information as they were, click Cancel. Intego NetBarrier X3 User's Manual Page 88 Chapter 5 — The 4 Lines of Defense You can also change the amount of time a host is in the Stop List using a contextual menu. Move the cursor over the Duration label in the Stop List; this label highlights. Click this label, and select Extend or Shorten, then select a time value from the popup menu. Select the amount of time you want to extend or shorten the host's presence in the Stop List. This time is added or subtracted immediately. Intego NetBarrier X3 User's Manual Page 89 Chapter 5 — The 4 Lines of Defense Copying Addresses from the Stop List You can select addresses in the Stop List and copy them, to paste them into another application. To do this, click a line of the Stop List, then copy the address by pressing Command+C. You can select multiple contiguous addresses, by shift-clicking, or noncontiguous addresses, by command-clicking, and copy them all together. You can drag selected addresses into another application window. To do this, select one or several addresses, as above, click one of the selected lines, and drag them into another open window. Intego NetBarrier X3 User's Manual Page 90 Chapter 5 — The 4 Lines of Defense The Stop List Contextual Menu As you have seen above, you can click an address in the Stop List, while holding down the control key on your keyboard, and a contextual menu displays. This menu contains several functions. Copy to Clipboard If you select Copy to Clipboard from the contextual menu, the address is copied to the clipboard. You can then paste it into any application or document. Edit... If you select Edit... from the contextual menu, you can edit the Stop List entry. See above, Editing an Address in the Stop List. Remove... If you select Remove... from the contextual menu, you can remove the Stop List entry. See above, Removing Addresses from the Stop List. Intego NetBarrier X3 User's Manual Page 91 Chapter 5 — The 4 Lines of Defense Switch to Trusted Group If you select Switch to Trusted Group from the contextual menu, you can move the address from the Stop List to the Trusted Group. See above, Moving Addresses from the Stop List to the Trusted Group. Find Domain Info If you select Find Domain Info from the contextual menu, Intego NetBarrier X3’s Whois panel opens and looks up the domain name, giving you information on that domain. For more about Whois, see the Whois section below. Find Route If you select Find Route from the contextual menu, Intego NetBarrier X3's Traceroute panel opens and searches for the route between your computer and the host. For more about Traceroute, see the Traceroute section below. Intego NetBarrier X3 User's Manual Page 92 Chapter 5 — The 4 Lines of Defense The Trusted Group The Trusted Group feature allows you to select “friendly” computers that are not treated as intruders if they perform certain actions, such as sending pings or other requests. It is a kind of friendly Stop List. While the Stop List protects you from foes, the Trusted Group contains your friends. You can add computers on your local network or other hosts on the Internet that you are certain to be friendly. This ensures that Intego NetBarrier X3’s Antivandal does not block their access nor set off alerts for any actions they carry out. They are, however, be affected by all the active Firewall rules. Intego NetBarrier X3 User's Manual Page 93 Chapter 5 — The 4 Lines of Defense Trusted Group Information The Trusted Group panel shows you information on the various IP addresses that are currently in the Trusted Group, if any. Network Address This is the IP address of the friendly computer. Remaining time This is the time that the friendly computer is scheduled to remain in the Trusted Group. Intego NetBarrier X3 User's Manual Page 94 Chapter 5 — The 4 Lines of Defense Other Trusted Group information If you click an address in the Trusted Group, some additional information displays on the right side of the panel. Host At the top of this section is the IP address of the friendly computer. By clicking on the DNS lookup button (the ? ), you can toggle from the numerical IP address to the actual domain name of the friendly computer, if there is one. You can display this address in large type by moving your cursor over the Host label until the label highlights, clicking, and selecting Large Type from the contextual menu. Duration The Duration is the amount of time the host is to remain in the Trusted Group. The from: and to: sections tell you when the address was added to the Trusted Group, and how long it will remain there. The progress bar shows how much of their time in the Trusted Group is left. You can change this duration by moving your cursor over the Duration label until the label highlights, clicking, selecting Extend or Shorten from the contextual menu, then selecting an amount of time to add or subtract to the current duration. Intego NetBarrier X3 User's Manual Page 95 Chapter 5 — The 4 Lines of Defense Note The text field below the progress bar contains any comments you have entered in the Trusted Group for this IP address. See below to find out how to enter or add comments to a Trusted Group entry. Intego NetBarrier X3 User's Manual Page 96 Chapter 5 — The 4 Lines of Defense Changing the List Display You can sort the Trusted Group list by any of its columns by clicking on the header just above the column. You can also sort it in ascending or descending order by clicking the sort button, the small triangle in the selected sort column header. You can drag either of the columns to change their order. To do this, click one of the column headers and drag it where you want, then release your mouse button. Intego NetBarrier X3 User's Manual Page 97 Chapter 5 — The 4 Lines of Defense Adding Addresses to the Trusted Group There are three ways to add addresses to the Trusted Group. The first is by selecting an IP address in the Log window, and choosing Add to Trusted Group from the contextual menu. For more on this, see above, Log Window Contextual Menu. The second is to move an address from the Stop List to the Trusted Group via the contextual menu. For more on this, see above, Moving Addresses from the Stop List to the Trusted Group. You can also manually add addresses to the Trusted Group. To do this, click Add... The Trusted Group Editor displays. Enter a host address in the Host field, and select the time this address is to remain in the Trusted Group by entering a number in the Duration field; select a time unit from the popup menu. If you do not know the numerical IP address of the host you wish to add, enter its name and click the ? button. Intego NetBarrier X3 queries your Internet provider’s DNS Intego NetBarrier X3 User's Manual Page 98 Chapter 5 — The 4 Lines of Defense server, and enters the correct number in the field. You can also add comments, such as the reason for adding the address to the Trusted Group, in the Comments field. If you decide you do not wish to add this address to the Trusted Group, click Cancel. Using Wild Cards in the Trusted Group You can use wild cards to allow ranges of IP addresses in the Trusted Group. To do this, enter the first part of the IP address you wish to add to the Trusted Group, followed by asterisks, in the following form: 192.*.*.* or 192.192.*.* or 192.192.192.* This adds to the Trusted Group all addresses containing the numbers you have entered, whatever their endings. Intego NetBarrier X3 User's Manual Page 99 Chapter 5 — The 4 Lines of Defense Removing Addresses from the Trusted Group To remove an address from the Trusted Group, click the address you would like to remove, then click Remove. A dialog asks if you really want to remove the address; click Remove. The address is removed. If you decide you do not want to delete this address, click Cancel. You can select multiple contiguous addresses, by shift-clicking, or non-contiguous addresses, by command-clicking, and delete them all together. You can also remove an address from the Trusted Group by clicking the address while holding down the control key on your keyboard, then selecting Remove… from the contextual menu that is displayed. A dialog asks if you really want to remove the address; click Remove. The address is removed. If you decide you do not want to delete this address, click Cancel. Intego NetBarrier X3 User's Manual Page 100 Chapter 5 — The 4 Lines of Defense Editing an Address in the Trusted Group To edit an address in the Trusted Group, click once on the address you would like to edit, then click Edit… (You can also double-click the address, or click the address while holding down the control key on your keyboard, then select Edit…) The Trusted Group Editor displays, showing you the address, and you can change the address, add or change comments, or change the time you want it to remain on the Trusted Group. To confirm your changes, click OK, or to leave the address and other information as they were, click Cancel. Intego NetBarrier X3 User's Manual Page 101 Chapter 5 — The 4 Lines of Defense You can also change the amount of time a host is in the Trusted Group using a contextual menu. Move the cursor over the Duration label in the Trusted Group; this label highlights. Click this label, and select Extend or Shorten, then select a time value from the popup menu. Select the amount of time you want to extend or shorten the host's presence in the Trusted Group. This time is added or subtracted immediately. Intego NetBarrier X3 User's Manual Page 102 Chapter 5 — The 4 Lines of Defense Copying Addresses from the Trusted Group You can select addresses in the Trusted Group and copy them, to paste them into another application. To do this, click a line of the Trusted Group, then copy the address. You can select multiple contiguous addresses, by shift-clicking, or non-contiguous addresses, by command-clicking, and copy them all together. You can drag selected addresses into another application window. To do this, select one or several addresses, as above, click your cursor on one of the selected lines, and drag them into another open window. Intego NetBarrier X3 User's Manual Page 103 Chapter 5 — The 4 Lines of Defense The Trusted Group Contextual Menu As you have seen above, you can click an address in the Trusted Group, while holding down the control key on your keyboard, and a contextual menu displays. This menu contains several functions. Copy to Clipboard If you select Copy to Clipboard from the contextual menu, the address is copied to the clipboard. You can then paste it into any application or document. Edit... If you select Edit... from the contextual menu, you can edit the Trusted Group entry. See above, Editing an Address in the Trusted Group. Remove... If you select Remove... from the contextual menu, you can remove the Trusted Group entry. See above, Removing Addresses from the Trusted Group. Intego NetBarrier X3 User's Manual Page 104 Chapter 5 — The 4 Lines of Defense Find Domain Info If you select Find Domain Info from the contextual menu, Intego NetBarrier X3’s Whois panel opens and looks up the domain name, giving you information on that domain. For more about Whois, see the Whois section below. Find Route If you select Find Route from the contextual menu, Intego NetBarrier X3's Traceroute panel opens and searches for the route between your computer and the host. For more about Traceroute, see the Traceroute section below. Intego NetBarrier X3 User's Manual Page 105 Chapter 5 — The 4 Lines of Defense Application Control Intego NetBarrier X3 lets you control Internet and network access for individual applications. While your firewall settings may allow general network access, the Applications tab lets you choose how Intego NetBarrier X3 reacts when specific applications try to access the network. This helps you in two ways: • If you wish to prevent users from accessing the network with specific applications, you can choose to block them in the Applications tab. • If an application attempts to connect to the network without your awareness, Intego NetBarrier X3 stops it in its tracks, alerts you, and waits for you to decide whether to allow it to do so or to deny access. Your computer has many applications that may access the Internet or other networks: web browsers, e-mail programs, FTP (file transfer) programs, instant messaging applications, and more. While all of these applications are designed to access the Internet, and you are aware of that, others may do so without your awareness. In some cases, these may be programs designed to automatically check for software updates, such as Intego NetUpdate. You may have set these programs to check at specific intervals, but may be surprised when you see network activity occurring in the background. But in other cases, programs may connect to the network without telling you, in order to verify the serial numbers of software installed on your computer, collect and send personal information without your awareness, or open a backdoor on your computer to provide access to hackers or vandals. Intego NetBarrier X3 User's Manual Page 106 Chapter 5 — The 4 Lines of Defense Using the Applications Tab The Intego NetBarrier X3 Applications screen lets you choose how the program reacts when a new application attempts to connect to the Internet or any other network. To turn on Application Blocking, click the On button. Intego NetBarrier X3 User's Manual Page 107 Chapter 5 — The 4 Lines of Defense Then select one of the three Default Behavior options: Allow If you check this, Intego NetBarrier X3 allows all applications to access the Internet or any other network. However, any firewall rules you may have defined concerning access to and from specific ports still function. For example, if an FTP program attempts to connect to a web page, Intego NetBarrier X3 does not block the application, but if you have set up a firewall rule blocking port 20, the standard FTP port, the data does not go through. If the FTP program attempts to make a connection to a different port, it is not blocked. Deny If you check this, Intego NetBarrier X3 blocks all access to the Internet or other network. This supercedes all firewall rules you have defined. Ask If you check this, Intego NetBarrier X3 asks you for each application that attempts to connect to the Internet or other network. Intego NetBarrier X3 User's Manual Page 108 Chapter 5 — The 4 Lines of Defense Trusting System Processes Many parts of Mac OS X request Internet or network access. This ranges from printing services and domain name resolution processes to services and processes that check for software updates or synchronize your clock. To trust these processes, and not be asked when they attempt to connect to the Internet or network, check the Trust System Processes check box. Intego NetBarrier X3 User's Manual Page 109 Chapter 5 — The 4 Lines of Defense Application Alerts If you have chosen to have Intego NetBarrier X3 ask you when an application attempts to access the Internet or another network, an alert displays. This alert tells you that an application has requested a connection to a specific IP address. A group of buttons allows you to choose how Intego NetBarrier X3 reacts. Allow once If you check this, Intego NetBarrier X3 allows network access for this application this time only. Deny If you check this, Intego NetBarrier X3 blocks network access for this application. Allow If you check this, Intego NetBarrier X3 allows network access for this application this time and in the future. Intego NetBarrier X3 User's Manual Page 110 Chapter 5 — The 4 Lines of Defense If you do not reply to this alert within 30 seconds, Intego NetBarrier X3 automatically denies network access to this application, this time only. If you are not sure what the application is that is requesting Internet or network access, you can click the Reveal in Finder button. This opens a Finder window showing you the location of the application. Intego NetBarrier X3 User's Manual Page 111 Chapter 5 — The 4 Lines of Defense Additional Application Information Intego NetBarrier X3 application alerts offer additional information about the application requesting an Internet or network connection and the IP address they are attempting to connect to. If you click the More Info... triangle, the alert displays the port the application is attempting to connect to and its full path. If you click the DNS lookup button (the ? ), you can toggle from the numerical IP address to the actual domain name of the host, if there is one. Intego NetBarrier X3 User's Manual Page 112 Chapter 5 — The 4 Lines of Defense Changing Application Settings After you have chosen to allow or deny network access to any applications, you can change these application settings if you wish. This shows a list of applications that Intego NetBarrier X3 has asked you to allow or block, and which you have chosen to always allow or always block by clicking the Allow or Deny buttons. (If you choose to allow a specific application just once, it will not be added to this list.) This list contains two icons: a green, GO icon, indicates that network access is allowed; a red, STOP icon, indicates that network access is denied. Each application has settings for two types of Internet connection: Client and Server. A client is a program that initiates a connection with host. A server receives a connection from another host. To turn on or off an application's settings, click the icon in the Client or Server column to change it. Intego NetBarrier X3 User's Manual Page 113 Chapter 5 — The 4 Lines of Defense Adding Applications to the Application List Intego NetBarrier X3 allows you to manually add applications to its application list, and choose whether you wish to allow or deny network access to them. To add an application, click the Add… button. A standard Mac OS X Open dialog displays. Navigate until you find the application you want to add, then click Select. When you add an application in this manner it is given allow status both as client and server. To change either of these settings, click one of the icons in the Client or Server columns of the list. You can also add applications to the application list by dragging their icons into the Applications tab. Locate an application and drag its icon into the Applications list. Removing Applications from the Applications List If you wish to remove an application from the Applications list, click one of the applications to select it, then click Remove… A sheet displays asking if you really want to delete this application. Click Remove to delete it, or click Cancel to leave it in the list. Revealing Applications in the Finder If you want to see where an application that is in the Applications list is on your computer, hold down the Control key on your keyboard and click on the name of an application. A contextual menu displays. Select Reveal in Finder, and a Finder window opens showing the location of the application. Intego NetBarrier X3 User's Manual Page 114 Chapter 5 — The 4 Lines of Defense Privacy Filters Intego NetBarrier X3's privacy filters examine both incoming and outgoing packets, looking for specific types of data. There are several filters, each of which is designed to protect your data or privacy, or help you surf the web faster. Intego NetBarrier X3 User's Manual Page 115 Chapter 5 — The 4 Lines of Defense Data Filter The Data Filter ensures that any sensitive information you choose to protect cannot leave your computer and go onto a network. You decide what to protect—your credit card number, passwords, or key words that appear in sensitive documents—and Intego NetBarrier X3's Filter checks each outgoing packet to make sure that no documents containing this information are sent. Not only does this protect you from sending documents containing this information, but it protects against anyone who has network access to your computer from taking copies of them. Remember that, if your computer is accessible across a network and other users have file sharing privileges, it is possible for anyone with access to your computer to copy your files. Intego NetBarrier X3 User's Manual Page 116 Chapter 5 — The 4 Lines of Defense How the Filter Works The Filter works in a very simple manner. Each unit of data you protect is called Protected data. When data packets are sent from your computer to a network, whether it be a local network or the Internet, they are all examined. If any of the Filter's protected data is found, the packet is blocked. Note: the Filter only works on data that corresponds exactly to the Protected data that you set. For example, if you set Protected data for your credit card number (see below), Intego NetBarrier X3 prevents its being sent out from your computer. But if you enter the same number in a secure web page, your browser encrypts this number, and the data no longer corresponds to the Protected data, and is therefore sent. The same is true for data that is encoded or compressed. Turning the Filter on First, for the Filter to check for protected data, you need to turn it on. To do this, click On. You can turn it off at any time, if you temporarily want to allow any of your protected data to be sent, by clicking Off. Intego NetBarrier X3 User's Manual Page 117 Chapter 5 — The 4 Lines of Defense What to protect The Filter is designed to protect sensitive information. You may want to protect different types of information, depending on your needs and the type of data on your computer. Here are some examples: Credit card numbers Even if you don't want to send your credit card number across the Internet, via web servers or e-mail, you may have already sent faxes containing this number. If so, the files you sent as faxes contain this number, and anyone could open the files and copy it. Add your credit card numbers to the Filter list and they will not be able to leave your computer and go onto a network. Passwords If you use the Internet or any other network, you probably have some passwords. The more sites you use, the more passwords you have. Some users even have files on their computers containing lists of their passwords. Add your passwords to the Filter, and none of them will be able to leave your computer and go onto a network. Note: if you store your passwords in the Mac OS X Keychain, they are encrypted, and you do not need to protect them in the Filter. Other sensitive information You may have confidential files concerning projects or customers, contracts, specifications or other sensitive information. You can easily choose to protect the name of a project or customer, or add a key word to any of these files to make sure that they cannot be copied across a network. You may also want to protect e-mail addresses, social security numbers, phone numbers or other personal information. Intego NetBarrier X3 User's Manual Page 118 Chapter 5 — The 4 Lines of Defense Adding Protected data to the Filter To add Protected data to the Filter, click Add... The Data Filter Editor displays. Enter a name for your Protected data in the Label field. You can select some of the most common names from the popup menu next to this field. Then enter the actual text you wish to protect in the second text field. This text is hidden by bullets. Note: You must enter your text exactly as it will be found in your documents for the Filter to protect it. For example, a credit card number may be found as ####-####-####-#### or as #### #### #### ####. If you protect only the first example, the Filter does not look for the second one. Also, this data is case sensitive. If you need to protect a key word, such as a project name, you must enter it in all possible cases: i.e., Marketing Study, marketing study, MARKETING STUDY. Intego NetBarrier X3 User's Manual Page 119 Chapter 5 — The 4 Lines of Defense The section labeled Let this data go out via these services allows you to choose to block data for all but the selected services. To do this, click the Add... button. Then, either enter the port number of the service, or choose its name from the popup menu. This data is not be blocked for this service, and this service only. To add another service, repeat the above operation. You can add as many services as you wish. When you have finished entering this information, click OK; your Protected data is now displayed in the Filter window. If you decide that you do not wish to keep this Protected data, click Cancel. Intego NetBarrier X3 User's Manual Page 120 Chapter 5 — The 4 Lines of Defense Activating or Deactivating Protected Data Items Each item of protected data appears on a line in the Data window. A check box at the left of each line allows you to activate or deactivate the filter for each data item. When you add a new data item, the box is checked, indicating that the filter is active for this item. If you wish to send any protected data over the Internet or a local network, you must uncheck the check box for the item in question. You can also enable data filters for individual protected data items, or for all protected data items, by holding down the Control key on your keyboard and clicking on the name of a data item. A contextual menu displays. Select Enable to enable protection for the selected data item, or select Enable All to enable protection for all data items. You can disable individual data items or all data items in the same manner. Intego NetBarrier X3 User's Manual Page 121 Chapter 5 — The 4 Lines of Defense Deleting Protected Data from the Filter To delete Protected data from the filter, click the Protected data item you wish to delete, and click Remove... A dialog asks if you really want to remove the Protected data; click OK. The Protected data is removed. If you decide you do not want to delete this Protected data, click Cancel. Editing Protected Data in the Filter You can edit Protected data in the Filter, either to make changes, or to change the services for which it is allowed. To edit Protected data in the Filter, click the Protected data you would like to edit, then click Edit... (You can also double-click the Protected data.) The Data Filter Editor shows you the Protected data, and you can make any changes you want. To confirm your changes click OK, or to leave the Protected data as it was, click Cancel. Intego NetBarrier X3 User's Manual Page 122 Chapter 5 — The 4 Lines of Defense Filter Alerts If the Filter detects that Protected data is leaving your computer, an alert displays. This alert is similar to other Intego NetBarrier X3 alerts. You have the possibility of ignoring the alert, or putting the host on the Stop List. If you click Ignore, Intego NetBarrier X3 allows the data to be sent for 10 seconds, which is long enough for the file in question to be sent. If you click Stop List, the host is added to the Stop List. Intego NetBarrier X3 User's Manual Page 123 Chapter 5 — The 4 Lines of Defense Banner Filter If you click the Banner tab, the Banner filter screen displays. This is a list of rules that Intego NetBarrier X3 uses to filter ad banners, helping you surf much faster. Ad banners are graphic ads that are usually displayed at the tops of web pages. Intego NetBarrier X3 blocks these ads, and replaces them with transparent graphics. By filtering them, web pages load much faster, and you are spared from seeing annoying advertisements. Intego NetBarrier X3 User's Manual Page 124 Chapter 5 — The 4 Lines of Defense Turning the Filter On First, for the Filter to block ad banners, you need to turn it on. To do this, click On. You can turn it off at any time, if you temporarily want to allow all hosts to be accepted by your computer, by clicking Off. Adding Rules to the Banner Filter The filter already contains a set of rules, but you can easily add your own. To do this, click the Add... button. The Banner Editor displays. This contains three sections: two popup menus and a text field. To create an ad banner filter rule, select from the first popup menu Host Name or URL Path, then, select from the second popup menu is or contains. For example, if you want to block ad banners from the host doubleclick.net, select Host Name contains, and enter doubleclick.net in the text field. If you wish to validate this ad banner filter rule, click OK; if not, click Cancel. Intego NetBarrier X3 User's Manual Page 125 Chapter 5 — The 4 Lines of Defense You can easily add new hosts to Intego NetBarrier X3’s list of banner filters by dragging a graphic from a web page into the Banner filter window. Intego NetBarrier X3 automatically adds the exact file path of the graphic—you should edit this, retaining merely the beginning section of the text, since the end is often specific to the individual ad. Intego NetBarrier X3 User's Manual Page 126 Chapter 5 — The 4 Lines of Defense Activating or Deactivating Banner Rules Each banner rule appears on a line in the Banner window. A check box at the left of each line allows you to activate or deactivate the filter for each banner rule. When you add a new banner rule, the box is checked, indicating that the filter is active for this rule. If you wish to stop blocking certain banners, you must uncheck the check boxes for the banners in question. You can also enable ad banner for an individual ad banner rule, or for all ad banner rules, by holding down the Control key on your keyboard and clicking on the name of an ad banner rule. A contextual menu displays. Intego NetBarrier X3 User's Manual Page 127 Chapter 5 — The 4 Lines of Defense Select Enable to enable protection for the selected ad banner rule, or select Enable All to enable protection for all ad banner rules. You can disable individual ad banner rules or all ad banner rules in the same manner. Note: when using the banner filter, you may find that you cannot access some web pages correctly. If this is the case, try turning off the Banner filter; their URLs may contain texts that are in one of the banner rules. Intego NetBarrier X3 User's Manual Page 128 Chapter 5 — The 4 Lines of Defense Cookie Manager A cookie is a small file on your computer used by some web sites to record information about you. Cookies can contain your user name and password for some sites, information identifying you for e-commerce sites, as well as other information on your surfing habits that you don't even know about. While cookies are not always bad (you cannot make purchases from most web sites without them), some sites use them to track your behavior. Intego NetBarrier X3 gives you detailed control over the cookies on your computer. You can view, edit and delete each cookie on your computer, and delete all the cookie files if you wish. Intego NetBarrier X3 User's Manual Page 129 Chapter 5 — The 4 Lines of Defense Intego NetBarrier X3 manages cookies for the following programs: Camino, iCab, Internet Explorer, OmniWeb, Opera, Safari and Sherlock. Deleting Cookies for a Specific Program When you display the Intego NetBarrier X3 Cookies tab you can see a list of the programs that have stored cookie files on your computer. If you click one of these names, the righthand section of the window gives you information on the program, the number of cookies and domains, and the last time you deleted all the program's cookies. To delete all the cookies for this program, click Delete All Cookies... A dialogue asks you to confirm this deletion or cancel it. Note that if you delete all the cookies for a program you will need to log in again to certain sites that store your user name and password in cookie files. Intego NetBarrier X3 User's Manual Page 130 Chapter 5 — The 4 Lines of Defense Editing Individual Cookies With Intego NetBarrier X3's Cookie Manager you can view and edit some aspects of individual cookies. To do this, click the disclosure triangle next to one of the programs in the cookie list to view the cookies in its file. Then click one of the domains in the list that displays. This shows the contents of the individual cookie. Intego NetBarrier X3 User's Manual Page 131 Chapter 5 — The 4 Lines of Defense As you can see in the above example, the cookie's contents are confusing, and this is often the case. While you cannot edit the cookie value, you can change its expiration date and time. To do this, move the cursor over the Expires label, which highlights. Click this label, and select Extend or Shorten, then select a time value from the popup menu. Finally, click Apply to apply this change to the cookie. Intego NetBarrier X3 User's Manual Page 132 Chapter 5 — The 4 Lines of Defense Deleting Individual Cookies In addition to deleting all cookies for a specific program, you can delete any cookie individually. To do this, click the cookie to select it, then click Delete... A dialogue asks you to confirm this deletion or cancel it. Note: to delete a cookie, the program that uses this cookie must not be active. Quit the program before deleting any cookies. Intego NetBarrier X3 User's Manual Page 133 Chapter 5 — The 4 Lines of Defense Cleaning Browser Files Web browsers keep many files on your computer, even after you have stopped using them. These files include temporary files in the browser's cache, and history files, which record the web sites you have visited. These files can take up a lot of disk space. Intego NetBarrier X3 lets you easily clean these files for each program that stores them on your computer. When you click the Cleaning tab, Intego NetBarrier X3 displays a list of the programs on your computer that have cache files and history files. Intego NetBarrier X3 manages cache files for the following programs: Camino, iCab, Internet Explorer, Opera, Safari, Sherlock and Watson. Intego NetBarrier X3 manages Intego NetBarrier X3 User's Manual Page 134 Chapter 5 — The 4 Lines of Defense history files for the following programs: Camino, iCab, Internet Explorer, OmniWeb, Opera, and Safari. To clean a program's cache files or history file, click the program's name in the program list. The right-hand section of the window shows the program's name and icon, the amount of disk spaced used by the cache or history files, and the last time you cleaned these files. To delete the selected files, click the Clean... button. A dialogue asks you to confirm this operation or cancel it. Intego NetBarrier X3 User's Manual Page 135 Chapter 5 — The 4 Lines of Defense Surf Filter Intego NetBarrier X3 has several features to help maintain your privacy when surfing the Internet. The Surf tab displays a screen where you can choose specific options concerning cookies and information about your computer. Intego NetBarrier X3 User's Manual Page 136 Chapter 5 — The 4 Lines of Defense Cookie Filter In addition to the detailed cookie management features available from the Cookies tab (see above), Intego NetBarrier X3 lets you only send cookies to specific domains that you choose. If you check Only send cookies to the following servers, and other web sites send cookies, your computer will not send back any information. Note: if this is checked, you may have trouble accessing some sites that require user identification, and most ecommerce sites. To add a server to the Cookie filter list, click Add... The Server editor displays. Enter the name of the server, such as www.intego.com, in the Server name field, then click OK to add this server to the Cookie filter list. Intego NetBarrier X3 User's Manual Page 137 Chapter 5 — The 4 Lines of Defense If you check this check box and do not add any servers to the list, Intego NetBarrier X3 blocks all cookie requests to your computer. Cookie Counter Intego NetBarrier X3 can also count the number of cookies for all users on your computer, if you check the Count the number of cookies received check box. This displays a cumulative total of the number of cookies since the first NetBarrier X launch, or since the last time you reset the counter. You can reset this counter by clicking the reset button to the right of the number of cookies. This resets the cookie counter for all users on your computer. A dialogue asks you to confirm this operation or cancel it. Intego NetBarrier X3 User's Manual Page 138 Chapter 5 — The 4 Lines of Defense Information Hiding All web browsers are set to reply to requests from web sites, telling which platform you are using (Mac, Windows, Linux, etc.) and which type and version browser you are using. Again, this can be useful (such as for sites with different versions for different browsers), but you may find some sites that will not let you access them if you are on a Mac. Intego NetBarrier X3 can "spoof" some information concerning your computer, that is, send false information. Intego NetBarrier X3 can reply to these requests, and send only generic information—it replies that you are using Netscape, but with no version number nor platform. If you wish Intego NetBarrier X3 to do this, check the Brand of my computer and name of my Browser check box. Some sites also request the last site you visited. Again, this can be useful (some sites want to know where their users have come from), but unscrupulous sites might use this to follow your browsing habits. By checking the Last Web site visited check box, Intego NetBarrier X3 prevents a reply from being sent to this type of request. Intego NetBarrier X3 User's Manual Page 139 Chapter 5 — The 4 Lines of Defense Monitoring Intego NetBarrier X3’s Monitoring panel gives you detailed information on your computer’s network activity. Traffic The Traffic tab of the Monitoring panel contains a set of activity gauges that inform you of the type of network activity that is coming into and going out of your computer. Intego NetBarrier X3 User's Manual Page 140 Chapter 5 — The 4 Lines of Defense There are two rows of gauges—the IN gauges show the amount of data coming into your computer, and the OUT gauges show the amount of data leaving your computer. The top number is the current throughput per second, and the bottom is the total amount. Selecting Activity Data Types You can choose which type of data will be recorded for the first four pairs of gauges. To do this, click the header over one of the gauges. Intego NetBarrier X3 User's Manual Page 141 Chapter 5 — The 4 Lines of Defense A popup menu displays showing several choices. The following types of data can be recorded: 4D Server: 4D Server data. Apple Rem. Desktop: Apple Remote Desktop data. AppleShare IP: AppleShare IP data. DNS: DNS data. FileMaker: FileMaker Pro data. FTP: FTP data. Intego NetBarrier X3 User's Manual Page 142 Chapter 5 — The 4 Lines of Defense Hotline: Hotline server data. iChat/AIM/ICQ: Instant messaging data using iChat, AIM or ICQ. Mail: E-mail data. NetUpdate: Data for Intego's NetUpdate program. News: Newsgroup data. Retrospect: Retrospect data. Telnet: Telnet data. Timbuktu: Timbuktu data. Web: Web access (HTTP) data. WebSTAR 4 Adm: WebSTAR administration data. WebSTAR V Adm: WebSTAR administration data. The last two pairs of gauges are fixed, and show the following information: Other: the amount of data for other protocols. IP: the total amount of Internet Protocol data. Intego NetBarrier X3 User's Manual Page 143 Chapter 5 — The 4 Lines of Defense Adding Services to the Activity Gauges You can add your own services to this list by selecting Modify... A Service List displays. This list shows all the services available for the Activity Gauges. You can select a service from the Name section and click OK to add it to the Activity Data Type menu. Intego NetBarrier X3 User's Manual Page 144 Chapter 5 — The 4 Lines of Defense You can also create your own services and add them to the Service List. Click the Add button under the Name section to add a new service. A new service line is added to the list. Enter a name for the service then press Enter. Intego NetBarrier X3 User's Manual Page 145 Chapter 5 — The 4 Lines of Defense For this service to record data in the Activity Gauges, you must specify which port(s) it uses. Click the Add button under the Ports section to add ports to the service. A new line displays at the top of the Ports section. Enter the port number for your new service, then press Enter. You can add more ports by following the same procedure, and you can remove ports by clicking a port to select it then clicking Remove... Editing Services You can edit the ports used for different services by the Activity Gauges by clicking a service, then adding, removing or changing ports in the Ports section of the Service Editor. Click OK to save your changes, or click Cancel to discard them. Intego NetBarrier X3 User's Manual Page 146 Chapter 5 — The 4 Lines of Defense Total Traffic graph A bar graph showing total traffic is available in this window. When no network activity occurs, this graph is empty, but when there is network activity, either over a local network or the Internet, this graph will show the total activity. The orange parts of the bars represent incoming traffic, and the green represent outgoing traffic. In addition, the scale of this graph is dynamic; it changes according to the amount of traffic. In the above example, a network connection is active, and throughput ranges from 0 to about 60 kilobytes per second. In the second example, below, the only activity is polling over a local network; the maximum traffic here does not exceed 500 bytes per second. Intego NetBarrier X3 User's Manual Page 147 Chapter 5 — The 4 Lines of Defense If you place your cursor over this graph, a text displays showing the actual data throughput, which is updated every second. Intego NetBarrier X3 User's Manual Page 148 Chapter 5 — The 4 Lines of Defense To view individual graphs for incoming and outgoing data, double-click anywhere in the graph. The graph window changes to show three graphs: one for incoming data, one for outgoing data, and one for total traffic. To return to the normal view, with a single graph and activity gauges, double-click anywhere in one of the graphs. Intego NetBarrier X3 User's Manual Page 149 Chapter 5 — The 4 Lines of Defense You can also change the type of data any of these graphs display by clicking All and selecting a data type from the popup menu. Intego NetBarrier X3 User's Manual Page 150 Chapter 5 — The 4 Lines of Defense When the window displays three graphs, you can choose the scale for the In and Out graphs. If you hold down the Control key on your keyboard and click anywhere in the In or Out graph, a popup menu offers several options. This lets you choose your maximal throughput and display graphs that are correctly scaled for that throughput. Choose Dynamic Scale if you want the graph to change its scale according to the data throughput. Intego NetBarrier X3 User's Manual Page 151 Chapter 5 — The 4 Lines of Defense Resetting the Activity Gauges If you click the Reset button, the totals beneath the gauges are all reset to zero. When you reset the activity gauges, an alert displays asking you to confirm clearing the gauges. This ensures that you do not accidentally reset the activity gauges. If you wish to reset the activity gauges, click Reset. If not, click Cancel. Intego NetBarrier X3 User's Manual Page 152 Chapter 5 — The 4 Lines of Defense Viewing the gauges as a palette If you click the window's resize button the Intego NetBarrier X3 window collapses and the activity gauges display as a horizontal palette. Intego NetBarrier X3 User's Manual Page 153 Chapter 5 — The 4 Lines of Defense If you click the resize button while holding down the shift key, the palette displays vertically. This can be useful if you want to keep an eye on your network activity, and wish to leave these gauges visible. To return to the main Intego NetBarrier X3 window, click the resize button on the palette. Intego NetBarrier X3 User's Manual Page 154 Chapter 5 — The 4 Lines of Defense Using the NetBarrier Monitor Application When you install Intego NetBarrier X3, the program also installs an application called NetBarrier Monitor. You can find this program in your Applications folder. The NetBarrier Monitor application provides a small, floating window that lets you keep an eye on network activity at all times, without needing to display the entire Intego NetBarrier X3 activity gauge palette. When you open NetBarrier Monitor, it displays its activity gauge window in the bottomright corner of your screen. Intego NetBarrier X3 User's Manual Page 155 Chapter 5 — The 4 Lines of Defense By default, NetBarrier Monitor displays the total network traffic for all services. You can change this display by clicking All at the bottom of the NetBarrier Monitor window, and selecting a service from the popup menu. If you hold down the Control key on your keyboard and click anywhere in the NetBarrier Monitor window, a popup menu offers two options. You can quit NetBarrier Monitor by selecting Quit. You can also choose to have NetBarrier Monitor display its activity gauges in the Dock by selecting Show in Dock. If you do this, the NetBarrier Monitor window closes, and the program's Dock icon changes to show its activity gauges that are updated in real time. Intego NetBarrier X3 User's Manual Page 156 Chapter 5 — The 4 Lines of Defense To return NetBarrier Monitor to its window, hold down the Control key, click on the NetBarrier Monitor Dock icon, and select Show in Window. When NetBarrier Monitor displays in the Dock, you can change its display by holding down the Control key, clicking on its Dock icon, and selecting a different service from its Dock menu. And to have easy access to NetBarrier Monitor, you can select Keep in Dock from this menu; this keeps the NetBarrier Monitor icon in the Dock, even when the program is not running, so you can open it just by clicking its Dock icon. Intego NetBarrier X3 User's Manual Page 157 Chapter 5 — The 4 Lines of Defense The Intego NetBarrier X3 Monitor Screen Saver Intego NetBarrier X3 installs a screen saver on your Macintosh. This screen saver gives you an overview of network activity. Even when you're not working, you can keep an eye on what's entering and leaving your Mac. In addition, if your Macintosh is running as a server, this screen saver gives you an overview of its network activity. To use the Intego NetBarrier X3 screen saver, open the System Preferences from the Apple menu, and click on Screen Effects. Select NetBarrierSaver in the screen saver list. Intego NetBarrier X3 User's Manual Page 158 Chapter 5 — The 4 Lines of Defense To configure the screen saver, click Configure. You can choose the order in which services are displayed. Drag them in the order you want. Intego NetBarrier X3 User's Manual Page 159 Chapter 5 — The 4 Lines of Defense The number of services displayed depends on your screen resolution and the number of screens you have. For more on screen saver settings, see the Mac OS X help. Intego NetBarrier X3 User's Manual Page 160 Chapter 5 — The 4 Lines of Defense Network This panel provides useful information about your computer and its network configuration. It shows the user name, the name of the computer, its IP address and other network information. A popup menu shows you all the IP addresses that are active on your computer—if you have several network adapters with different addresses, or are running several servers. It also tells if Web Sharing and File Sharing are running. In addition, it gives you real-time information on your network activity. Intego NetBarrier X3 User's Manual Page 161 Chapter 5 — The 4 Lines of Defense Computer and Network Information The top part of the Network pane provides an overview of information on your computer and its network. In addition to presenting such information as the computer name, IP address and whether or not file sharing services are on, you can use this pane to get quick access to the different elements of Mac OS X where you can change network settings. When you move your cursor over some of the labels on this pane, the labels become highlighted. If you click these labels, a popup menu displays. Selecting Modify... opens different panes of the Mac OS X System Preferences. The following labels offer access to the preferences panes specified below: • Web Sharing: This opens the Sharing preference pane, where you can turn Web Sharing on or off. • File Sharing: This opens the Sharing preference pane, where you can turn File Sharing on or off. • IP address: This opens the Network preference pane, where you can change your IP address or network configuration. Intego NetBarrier X3 User's Manual Page 162 Chapter 5 — The 4 Lines of Defense Some labels offer the possibility of displaying certain information in large type. If you select Large Type from the label popup menu for IP address, Network mask or Hardware address, Intego NetBarrier X3 displays this information in large type in front of the Intego NetBarrier X3 application. To remove this display, click anywhere. Intego NetBarrier X3 User's Manual Page 163 Chapter 5 — The 4 Lines of Defense If you click the IP address label, the popup menu that displays offers additional options. In addition to the Large Type and Modify... options mentioned above, you can do the following: • Copy to Clipboard: this copies your IP address to the clipboard • Show outside IP: this displays your outside IP address in large type. This address is different from what Intego NetBarrier X3 displays on this pane if you have a router, or cable or DSL modem. • Show History: this shows the history of your computer's IP addresses. This displays a list showing the different IP addresses attributed to your computer by your ISP, if you have dynamic IP addressing. However, if you have a router, or a cable modem, this only shows the IP address your computer uses internally. You can also display this window by selecting Window > Show IP History Window. Intego NetBarrier X3 User's Manual Page 164 Chapter 5 — The 4 Lines of Defense Services This section lists any services currently running on your computer that are accessible to other users via the Internet Protocol, such as a web server, mail server, etc. For each port being used, the following information is shown: the protocol (TCP or UDP), the local port number, the remote port, according to the protocol it represents, if it is a standard protocol (for example, port 21 is FTP), the remote address, that is the IP address of the connection, and the status of the connection. Intego NetBarrier X3 User's Manual Page 165 Chapter 5 — The 4 Lines of Defense Whois Intego NetBarrier X3 allows you to look up domain names and Internet IP addresses using its built-in Whois tool. To do this, enter a domain name or IP address in the Domain field, then click the Whois button. The text field below gives you information about the domain. Intego NetBarrier X3 has four default Whois servers, but you can add others. To find out how to add Whois servers, see chapter 6, Preferences and Configurations. Intego NetBarrier X3 User's Manual Page 166 Chapter 5 — The 4 Lines of Defense Traceroute When you send or receive data over the Internet, or other networks, your data is sent in packets from host to host until it reaches its destination. Data can make dozens of hops along its route, and Intego NetBarrier X3's Traceroute function can help you see exactly how your data gets to its destination. This is especially useful when you are having problems accessing a specific host, to see where the data is blocked—when this happens, it usually means a key host or router is not functioning. To run a traceroute, enter an IP address or a domain name, such as www.intego.com, in the Network Address field, then click Trace. If you enter a domain name, Intego NetBarrier X3 resolves this and displays the actual IP address. Intego NetBarrier X3 User's Manual Page 167 Chapter 5 — The 4 Lines of Defense The traceroute window then shows all the hops between your computer and the final host. For each hop, Intego NetBarrier X3 displays the hop number, the IP address, the actual host name, the response time, and the number of pings that succeed or fail. For each hop, Intego NetBarrier X3 sends three pings. Note that if you have a router on your network, it may not respond to the traceroute request, and may display as failed requests. This won't prevent the rest of the traceroute from being executed. After your traceroute has completed, you can see a visual display of the route your data takes by clicking Show on Map. This shows a world map with lines connecting each hop, and numbers showing their position on the path. When you have finished, click Close to close the map. Intego NetBarrier X3 User's Manual Page 168 Chapter 5 — The 4 Lines of Defense NetUpdate NetUpdate is an application that Intego's programs can use to check if the program has been updated. This application is installed at the same time as Intego NetBarrier X3 or other Intego programs. It checks updates for all of these programs at the same time, and downloads and installs those for the programs installed on your computer. The NetUpdate pane gives you information on your installed version, the last time NetUpdate checked Intego's server for updates, and your subscription limit. To check for updates, click Check now... NetUpdate will open and check for updates. For more on using NetUpdate, see the NetUpdate User's Manual. Intego NetBarrier X3 User's Manual Page 169 Chapter 6 — Preferences and Configurations 6—Preferences and Configurations Intego NetBarrier X3 User's Manual Page 170 Chapter 6 — Preferences and Configurations Intego NetBarrier X3 Preferences Preferences for several of Intego NetBarrier X3’s functions are available from the NetBarrier Preferences screen. To view this screen, select Preferences from the NetBarrier X menu. Intego NetBarrier X3 User's Manual Page 171 Chapter 6 — Preferences and Configurations Interface Intego NetBarrier X3 lets you choose whether you want to display the Intego NetBarrier X3 status icon in the menubar. For more on this icon and its menu, see Using the NetBarrier X Menu in Chapter 4. To display the Intego NetBarrier X3 status icon in the menu bar, check Show Status in Menu Bar in the Interface tab of the NetBarrier Preferences. Intego NetBarrier X3 User's Manual Page 172 Chapter 6 — Preferences and Configurations Modem You can provide total security for your modem with this option. To do this, click the Modem button on the Preferences screen. It may prevent your modem from answering any calls. To secure your modem, click the Secure now button. To reset your modem, if you have secured it, click the Reset button. Intego NetBarrier X3 secures your modem, blocking incoming calls, so it is fully protected. Intego NetBarrier X3 User's Manual Page 173 Chapter 6 — Preferences and Configurations Log Export Preferences You can set Intego NetBarrier X3 to export the Log at regular intervals. To do this, click the Log button on the Preferences screen. Intego NetBarrier X3 User's Manual Page 174 Chapter 6 — Preferences and Configurations Export Log Data If you wish to have your log exported at regular intervals, you can select from 5 options. By default, this is set to Never. Never The log data is never exported. Every week The log data is exported once a week, at 00:00 on Monday. If the computer is not on at this time, it is exported at the next restart. Every day The log data is exported once a day, at 00:00. If the computer is not on at this time, it is exported at the next restart. Every hour The log data is exported once an hour, on the hour. Customized If you check this option, you can choose a custom interval to have your log data exported. You can enter the number of units you want, and select Months, Days, Hours or Minutes from the popup menu. Intego NetBarrier X3 User's Manual Page 175 Chapter 6 — Preferences and Configurations Log Export Format Logs can be exported in six formats. Click the Format popup menu to select the export format. You can choose from the following formats: Expert HTML This is the log in HTML format with additional columns. It shows the same information as the log when in Expert mode. Expert Text This is the log in text format with additional columns. It shows the same information as the log when in Expert mode, and has tabs separating the columns, so it can be easily imported into a spreadsheet. HTML This is the log in HTML, which is readable by any web browser, and is presented in table form. Analytic This is similar to Expert Text format, without tab separators, but with labels in front of some fields. Intego NetBarrier X3 User's Manual Page 176 Chapter 6 — Preferences and Configurations Text This is the log in text format, which can be read by any word processor. Who's there? This format saves the log as a text file, with the following information: DATE: The date of the connection. TIME: The time of the connection. RESULT: The result of the connection. HOSTNAME: The host IP address. SERVER_PORT: The server port used for the connection. METHOD: The type of connection; TCP or UDP. Log Export Location You can select the folder where log export files are saved. By default, they are saved in the /Library/Logs/NetBarrier folder. If you wish to have these files saved in another folder, click the Select... button and navigate until you get to the folder you wish to use. Then click Select to use this folder. You can also create a new folder by clicking New Folder in the dialog box. Name this folder as you wish, and click Create. Note: If you are using Web Sharing, you can export the log into a shared folder, providing access to this file from a remote computer. Intego NetBarrier X3 User's Manual Page 177 Chapter 6 — Preferences and Configurations Log Recording Options Intego NetBarrier X3's log offers the possibility of displaying several types of information. You control the display on the Log pane. To control which types of information are recorded in logs that you export, choose from three options here: FrontEnd Startup and Quit This records general Intego NetBarrier X3 activity, such as Intego NetBarrier X3 startup and quit. Denied connections This records all connections that are denied. Incoming data blocked by the Stop List This records all incoming data, attacks or intrusion attempts that are blocked by the Stop List. Intego NetBarrier X3 User's Manual Page 178 Chapter 6 — Preferences and Configurations Traffic Export Preferences You can set Intego NetBarrier X3 to export traffic data at regular intervals. To do this, click the Traffic button on the Preferences screen. This screen also gives you several options for managing traffic data. Intego NetBarrier X3 User's Manual Page 179 Chapter 6 — Preferences and Configurations Periodic Export If you wish to have your traffic data exported at regular intervals, you can select among 5 options. By default, this is set to Never. Never The traffic data is exported. Every week The traffic data is exported once a week, at 00:00 on Monday. If the computer is not on at this time, it is exported at the next restart. Every day The traffic data is exported once a day, at 00:00. If the computer is not on at this time, it is exported at the next restart. Every hour The traffic data is exported once an hour, on the hour. Intego NetBarrier X3 User's Manual Page 180 Chapter 6 — Preferences and Configurations Customized If you check this option, you can choose a custom interval to have your traffic data exported. You can enter the number of units you want, and select Months, Days, Hours or Minutes from the popup menu. Traffic Data Export Format Traffic data can be exported in two formats: text and HTML. If you select Text, they will be saved in a file that can be read by any word processor. If you select HTML, files are readable by any web browser, and are presented in table form. Traffic Data Export Location You can select the folder where traffic export files are saved. By default, they are saved in the /Library/Logs/NetBarrier folder. If you wish to have these files saved in another folder, click the Select... button and navigate until you get to the folder you wish to use. Then click Select to use this folder. You can also create a new folder by clicking New Folder in the dialog box. Name this folder as you wish, and click Create. Note: If you are using Web Sharing, you can export the traffic data into a shared folder, providing access to this file from a remote computer. Intego NetBarrier X3 User's Manual Page 181 Chapter 6 — Preferences and Configurations Resetting the Gauges after Export If you check this button, your activity gauges will be reset to zero after each export. IP Traffic Alert Intego NetBarrier X3 has a setting that allows you to monitor the amount of data entering or leaving your computer. This can be very useful if you have an Internet access account with uploading or downloading restrictions. If you check this option, Intego NetBarrier X3 displays a warning when your traffic exceeds the amount you have selected. You can choose to have a warning for Incoming, Outgoing or Total traffic, and you can choose the amount of the threshold, in kilobytes, megabytes or gigabytes. Intego NetBarrier X3 User's Manual Page 182 Chapter 6 — Preferences and Configurations Whois Intego NetBarrier X3’s Whois function allows you to search for information on domain names and IP addresses. Four Whois servers are preset in this pane, and they are queried in the order shown in this panel. Intego NetBarrier X3 User's Manual Page 183 Chapter 6 — Preferences and Configurations If you wish to change their order, you can do so by selecting one of the servers and dragging it to a new location. You can activate or deactivate the Whois servers in this panel. To deactivate a server, uncheck its check box. To activate a deactivated server, check its check box. You can also add new Whois servers. To do this, click Add. A new line is added to the list, with the server address highlighted. Type in the name of the new Whois server you wish to add. To remove a Whois server, select it by clicking it, and click Remove… A dialogue box asks you to confirm this removal or cancel it. Intego NetBarrier X3 User's Manual Page 184 Chapter 6 — Preferences and Configurations About Intego NetBarrier X3 If you select About NetBarrier… from the NetBarrier menu, a window displays showing some information about Intego NetBarrier X3, such as the version number, your support number (a number you will need for technical support), clickable links to Intego’s web site and e-mail address, and Intego’s address. If you haven't yet registered online, you can do so quickly and easily by clicking the Register online... button. This takes you to the registration page on the Intego web site. Intego NetBarrier X3 User's Manual Page 185 Chapter 6 — Preferences and Configurations Configuration Sets Intego NetBarrier X3 gives you the possibility of saving as many configuration sets as you want. Each configuration set contains all the settings and preferences you have applied to Intego NetBarrier X3. You can make sets for different locations, if you have a PowerBook or iBook—one set for office use, another for home use. You may want to have one set that includes additional protection for the times your computer is used as a server, and another for when it is a client. You may also want a specific set for less protection when you are connected to a local network, and additional protection when you are surfing the web. You may want to have a set that sends you e-mail messages when any intrusions occur, for when you are not at your computer. Selecting the Active Configuration Set To select a configuration set, select Configurations... from the File menu. A dialog box displays. Intego NetBarrier X3 User's Manual Page 186 Chapter 6 — Preferences and Configurations Select the set you wish to activate, and click Select. If you decide you do not want to activate this set, click Done, or select a different set. Adding Configuration Sets To add a configuration set, select Configurations... from the File menu. A dialog box displays. To create a new configuration set, you first need to copy an existing set, and rename it. To do this, click one of the sets in the list, and then click Rename. The following dialog box displays: Enter the name for your new set, and click OK. If you decide you do not want to rename this set, click Cancel. Now that you have a new configuration set, activate it by clicking Select. You can now make any changes to the configuration that you want, and they are saved under the current set. To return to another set, select it from the list of configuration sets. Intego NetBarrier X3 User's Manual Page 187 Chapter 6 — Preferences and Configurations Deleting Configuration Sets To delete a configuration set, select Configurations... from the File menu. A dialog box displays. Select a set by clicking on one of the sets in the list, and then click Delete. A dialog box asks if you really want to delete this set. Click Delete. If you decide you do not want to delete this set, click Cancel. Intego NetBarrier X3 User's Manual Page 188 Chapter 6 — Preferences and Configurations Renaming Configuration Sets To rename a configuration set, select Configurations... from the File menu. A dialog box displays. Select a set by clicking on one of the sets in the list, and then click Rename. Enter the name for your new set, and click OK. If you decide you do not want to rename this set, click Cancel. Intego NetBarrier X3 User's Manual Page 189 Chapter 6 — Preferences and Configurations Exporting Settings You can save all your Intego NetBarrier X3 settings in a special file that you can then use to import these settings into another copy of Intego NetBarrier X3. This is especially useful if you manage many computers and want to use the same settings for all of them. To export your settings, select File > Export Settings... A dialog box asks you to name the settings file and choose a location to save it. Importing Settings If you have exported settings from one copy of Intego NetBarrier X3 (see above) you can import them into another copy of the program. To import settings, select File > Import Settings... A file dialog asks you to locate the settings file. Click Import and these settings are immediately applied to Intego NetBarrier X3. Intego NetBarrier X3 User's Manual Page 190 Chapter 7 – Customized Protection 7—Customized Protection Intego NetBarrier X3 User's Manual Page 191 Chapter 7 – Customized Protection Using Intego NetBarrier X3’s Customized Mode Additional options concerning Intego NetBarrier X3's Firewall feature are available in Customized mode. All the other features function in the same manner as presented above. Customized protection gives access to Intego NetBarrier X3's most powerful functions, by allowing you to configure its Firewall rules as precisely as you wish. Important: Intego NetBarrier X3's Customized protection should only be used by experienced network administrators. Incorrectly setting its options may disrupt your network activity. Intego NetBarrier X3 User's Manual Page 192 Chapter 7 – Customized Protection User-configurable Firewall Options Intego NetBarrier X3's Firewall allows you to create rules that examine incoming and outgoing data for specific sources, destinations and services, and act according to your choices. Your rules can be wide, such as preventing any incoming traffic from connecting to your computer, or precise, such as preventing incoming traffic from a specific host from connecting to a specific service on your computer. Rule Order Rules added to the Firewall function from the first to the last. This means that you need to make sure that your rules are in the correct order to function correctly. In this example, the first rule blocks data coming from the Internet (which includes all networks, even a local network). Rule 3, however, allows traffic from a local network, but since it is in 3rd position, it is not applied; the 1st rule takes precedence. For rule 3 to be applied, it needs to be moved to the top of the rule list. To do this, select the rule, and slide it above the rule you want to place it in front of. Intego NetBarrier X3 User's Manual Page 193 Chapter 7 – Customized Protection Creating Rules with the Assistant Intego NetBarrier X3 contains an assistant to help you create your own custom firewall rules. With this assistant, you can create your own rules with just a few mouse-clicks. While not all of Intego NetBarrier X3's rule features are available when you create rules with the assistant, it can cover most of your needs for firewall rules. If you need more customization, you can create rules using the assistant then edit them manually. The Intego NetBarrier X3 Assistant walks you through a series of steps to create your rule: • Name and Behavior • Direction • Service • Duration • Options • Conclusion To create a new rule using the assistant, click the Assistant button. Intego NetBarrier X3 User's Manual Page 194 Chapter 7 – Customized Protection The first assistant screen displays. Click the right arrow to begin creating a new rule. You can click the left arrow at any time to return to previous screens. Or click Close to exit the Assistant. Intego NetBarrier X3 User's Manual Page 195 Chapter 7 – Customized Protection Name and Behavior This screen lets you choose a name for your rule and its behavior. Enter a name for your rule in the name field, then select the behavior for the rule: Allow data or Deny data. If you select Allow data, the rule will allow data matching its direction and service to pass. If you select Deny data, the rule will block data matching its direction and service. Click the right arrow to go to the next screen. Intego NetBarrier X3 User's Manual Page 196 Chapter 7 – Customized Protection Direction This screen lets you choose the communication direction and which host initiates the communication. First, in the This rule will affect connections with: section, select a remote host. You have four choices for the remote host: Any other computer This is any computer other than your Macintosh. Computers on my local network This is any computer on the same local network as your Macintosh. Intego NetBarrier X3 User's Manual Page 197 Chapter 7 – Customized Protection Computers on the default AirPort network This is any computer on your default AirPort network, if you have one. Computers on this custom network If you have created any custom networks using the standard rule editor, you can select one of them here. Next, select the computer that initiates the connection: My Macintosh This is your Macintosh, the computer using this rule. The other computer This is the remote host defined in the first part of this screen. When you have finished, click the right arrow to go to the next screen. Intego NetBarrier X3 User's Manual Page 198 Chapter 7 – Customized Protection Service This screen lets you choose the service that the rule affects. You can choose from three types of services: All services This is all network services. TCP services (connected services) These are services that require a connection open and maintained between two computers, such as HTTP, FTP, TELNET, SSH, POP3, AppleShare, etc. This covers all TCP connections. Intego NetBarrier X3 User's Manual Page 199 Chapter 7 – Customized Protection This service: You can choose from a list of services that correspond to popular applications and protocols. Select the service you want to use by clicking its name in the list. When you have finished, click the right arrow to go to the next screen. Intego NetBarrier X3 User's Manual Page 200 Chapter 7 – Customized Protection Duration This screen lets you choose how long the rule will be in effect. You can choose to have the rule never expire, or you can select a date and time for the rule to expire. If you choose to have the rule expire, you can select a date by clicking on the calendar, and you can change months and years by clicking the arrow buttons. To set the time, you can either type in the time field or click the arrow button to increase or decrease the time. Intego NetBarrier X3 User's Manual Page 201 Chapter 7 – Customized Protection If you choose to have the rule expire, it is deleted by default. To keep the rule and have it disabled, check Disable—do not delete. You can enable the rule manually at any time after it is disabled. When you have finished, click the right arrow to go to the next screen. Intego NetBarrier X3 User's Manual Page 202 Chapter 7 – Customized Protection Options This screen lets you choose additional options for your rule. Two options are available on this screen: Log rule usage If you check this option, the firewall records each time this rule is used in its log. Disable the rule If you check this option, Intego NetBarrier X3 creates the rule but disables it. You can enable it manually later. When you have finished, click the right arrow to go to the next screen. Intego NetBarrier X3 User's Manual Page 203 Chapter 7 – Customized Protection Conclusion This screen creates the rule according to the settings you have selected in the assistant. This screen offers one final option: if you check Create a rule in the opposite direction, the assistant creates a matching rule with the source and destination switched. Click Create to create your rule and exit the assistant. Intego NetBarrier X3 User's Manual Page 204 Chapter 7 – Customized Protection When you have finished, you will see that your rule (or rules, if you checked Create a rule in the opposite direction) displays in the Intego NetBarrier X3 list of firewall rules. If you wish to further customize the rule, or edit it, see below, Editing Rules. Intego NetBarrier X3 User's Manual Page 205 Chapter 7 – Customized Protection Using Predefined Rule Sets Intego NetBarrier X3 includes many predefined rule sets, corresponding to the most common Internet and network applications, so you can add specific rules for the applications and protocols you use. These rules make it easy to either allow or deny traffic for any of these applications or protocols. To add a rule set, click the Add Set... button. The Rule Sets window displays. Intego NetBarrier X3 User's Manual Page 206 Chapter 7 – Customized Protection To select one of the Rule Sets, just click one of the applications or protocols in the list, click either Allow or Deny, and click Add. You will see that the rules for this application or protocol have been added to the rule list. All you need to do now is make sure the rule order corresponds to the way your rules should be applied. For more on this, see the Rule Order section above. Intego NetBarrier X3 User's Manual Page 207 Chapter 7 – Customized Protection Creating Rules You can also create individual rules using the Rule Editor. Click the Add rule... button and the Rule Editor displays. Intego NetBarrier X3's Rule Editor allows network administrators to quickly and easily define and implement a comprehensive security policy. It is extremely flexible, and allows you to define an unlimited number of rules. Intego NetBarrier X3 User's Manual Page 208 Chapter 7 – Customized Protection The Rule Editor is a simple interface for creating rules. You can create a new rule in seconds. To create a rule, you need to specify five things: • The Source • The Destination • The Service • The Interface • The Action At the top of the Rule Editor box is a field where you can name this rule. Just below it, are three check boxes. You must check the first one, Enabled, if you wish your rule to be activated. If it is not checked, Intego NetBarrier X3 does not use this rule. You may want to have rules that are not active at all times, so, in some cases you will not want to check this box. Or you may want to have certain rules active in one configuration, and not another. For more on using configuration sets, see chapter 6, Preferences and Configurations. Next to this check box is the Log check box. If this is checked, any time this rule acts, an entry is added to the log. If it is not checked, this rule is not logged. Intego NetBarrier X3 User's Manual Page 209 Chapter 7 – Customized Protection Also, if the Log check box is checked, the Stop processing check box will be active. If you check this box, and the rule is activated, the rules following this one is not checked. See below, Using the Stop Processing Function, for more on this function. You can also choose the rule's expiration. By default, this is set to Never. If you wish to have the rule expire, click the Expiration: popup menu and select Remove rule or Disable rule. If you choose Remove rule, Intego NetBarrier X3 deletes the rule at the expiration date. If you choose Disable rule, Intego NetBarrier X3 disables the rule at the expiration date. You can enable the rule manually at any time after it is disabled. When you choose one of these expiration options, the Set... button is enabled. Click this button to set the expiration date and time. A calendar sheet displays. Select a date by clicking on the calendar; you can change months and years by clicking the arrow buttons. To set the time, you can either type in the time field or click the arrow button to increase or decrease the time. Intego NetBarrier X3 User's Manual Page 210 Chapter 7 – Customized Protection When you have set the expiration date and time, click OK. The Rule Editor shows this date and time. Intego NetBarrier X3 User's Manual Page 211 Chapter 7 – Customized Protection Sources The Source, for a rule, is the entity that sends data. You can choose from four sources for any rule. You may notice that Intego NetBarrier X3 will not allow you to choose the same source and destination in a rule. There are four sources available by default: My Macintosh This is your computer. Local Network This is a local network that your computer is connected to. Airport Network This is a wireless Airport network that your computer is connected to. Internet This is the Internet, in addition to any local network you may be connected to. Selecting Internet actually means all networks. Intego NetBarrier X3 User's Manual Page 212 Chapter 7 – Customized Protection Creating new sources You can create new sources to use in your rules. This allows you to specify exactly which computers you wish to have your computer communicate with. To create a new source, select Add new network… from the source pop-up menu of the Rule Editor. The Network Editor displays. Intego NetBarrier X3 User's Manual Page 213 Chapter 7 – Customized Protection To create a new source, enter the following information. Source name You may give the source any name you wish, by entering a name in the text field. Source part Sources can have several parts. You can, for example, select several specific IP addresses and include them in a given source. See below, Address for more on addresses. Adding parts To add a part, click the plus icon in the part section of the Network Editor. Moving from one part to another You can move from one part to another by clicking either of the arrow icons, to move either forward or backward. Deleting parts To delete a part, it must be displayed. Click one of the arrow icons until the part you wish to delete is displayed. Click the trashcan icon. A dialog box displays, asking if you really want to delete this part. Click Delete to delete the part, if not, click Cancel. Intego NetBarrier X3 User's Manual Page 214 Chapter 7 – Customized Protection Type of network A pop-up menu lets you select from six types of network. Anywhere This is any network. My Macintosh This is your computer. My local network This is the local network your computer is connected to. Machine This is a specific IP address. Network This is a specific network, identified by its IP address and Subnet mask. Interval This is a group of IP addresses, delimited by beginning and ending addresses. Intego NetBarrier X3 User's Manual Page 215 Chapter 7 – Customized Protection Address Depending on the type of network you select, the address section of the Network Editor will be different. Anywhere If you select this type of network, there is nothing to enter in the Address section, since this source covers all networks. My Macintosh If you select this type of network, the IP address of your computer displays in the Address field. My local network If you select this type of network, the beginning and ending addresses of your local network display in the Address field. Machine If you select this type of network, you must enter the IP address of a specific computer in this field. Network If you select this type of network, you must enter the IP address and Subnet mask of the network you wish to use. Interval If you have selected this type of network, you must enter the beginning and ending IP addresses of the networks you wish to use. Intego NetBarrier X3 User's Manual Page 216 Chapter 7 – Customized Protection Deleting Sources You can delete any sources that you have created. To do so, select the source, and then click the trashcan icon. A dialog box displays, asking if you really want to delete that source. Click Delete to delete the source, if not, click Cancel. Intego NetBarrier X3 User's Manual Page 217 Chapter 7 – Customized Protection Destinations The destination, for a rule, is the entity that data is being sent to. You can choose among four destinations for any rule. You may notice that Intego NetBarrier X3 will not allow you to choose the same source and destination in a rule. There are four destinations available by default: My Macintosh This is your computer. Local Network This is a local network that your computer is connected to. Airport Network This is a wireless Airport network that your computer is connected to. Internet This is the Internet, in addition to any local network you may be connected to. Selecting Internet actually means all networks. Intego NetBarrier X3 User's Manual Page 218 Chapter 7 – Customized Protection Creating new destinations You can also create new destinations to use for your rules. This allows you to specify exactly which computers you wish to have your computer communicate with. This is done in the same manner as creating sources. To create a new destination, select Add new network… from the destination pop-up menu of the Rule Editor. Intego NetBarrier X3 User's Manual Page 219 Chapter 7 – Customized Protection The Network Editor displays. Intego NetBarrier X3 User's Manual Page 220 Chapter 7 – Customized Protection To create a new destination, enter the following information. Destination name You may give the destination any name you wish, by entering a name in the text field. Destination part Destinations can have several parts. You can, for example, select several specific IP addresses and include them in a given destination. See below, Address for more on addresses. Adding parts To add a part, click the plus icon in the part section of the Network Editor. Moving from one part to another You can move from one part to another by clicking either of the arrow icons, to move either forward or backward. Deleting parts To delete a part, it must be displayed. Click one of the arrow icons until the part you wish to delete is displayed. Click the trashcan icon. A dialog box displays, asking if you really want to delete this part. Click Delete to delete the part, if not, click Cancel. Intego NetBarrier X3 User's Manual Page 221 Chapter 7 – Customized Protection Type of network A pop-up menu lets you select from six types of network. Anywhere This is any network. My Macintosh This is your computer. My local network This is the local network your computer is connected to. Machine This is a specific IP address. Network This is a specific network, identified by its IP address and Subnet mask. Interval This is a group of IP addresses, delimited by beginning and ending addresses. Intego NetBarrier X3 User's Manual Page 222 Chapter 7 – Customized Protection Address Depending on the type of network you select, the address section of the Network Editor will be different. Anywhere If you select this type of network, there is nothing to enter in the Address section, since this destination covers all networks. My Macintosh If you select this type of network, the IP address of your computer displays in the Address field. My local network If you select this type of network, the beginning and ending addresses of your local network display in the Address field. Machine If you select this type of network, you must enter the IP address of a specific computer in this field. Network If you select this type of network, you must enter the IP address and Subnet mask of the network you wish to use. Interval If you select this type of network, you must enter the beginning and ending IP addresses of the networks you wish to use. Intego NetBarrier X3 User's Manual Page 223 Chapter 7 – Customized Protection Deleting Destinations You can delete any destinations that you have created. To do so, select the destination, and then click the trashcan icon. A dialog box displays, asking if you really want to delete that destination. Click Delete to delete the destination, if not, click Cancel. Intego NetBarrier X3 User's Manual Page 224 Chapter 7 – Customized Protection Services There are many services available by default: Intego NetBarrier X3 User's Manual Page 225 Chapter 7 – Customized Protection All If this is selected, the rule is active for all types of service. Mail If this is selected, the rule is active for e-mail only. FTP If this is selected, the rule is active for ftp only. Web If this is selected, the rule is active for HTTP, or web access, only. Connected services If this is selected, the rule is active for TCP services only. Well known ports If this is selected, the rule is active for well known ports, which are ports used by common applications. The remaining services are for specific programs or protocols. Intego NetBarrier X3 User's Manual Page 226 Chapter 7 – Customized Protection Creating New Services You can also create new services to use for your rules. This allows you to specify exactly which services you wish to have your computer accept or use. This is done in the same manner as creating sources. To create a new service, select Add new service… from the service pop-up menu of the Rule Editor. The Service Editor displays. Intego NetBarrier X3 User's Manual Page 227 Chapter 7 – Customized Protection To create a new service, enter the following information. Service name You may give the Service any name you wish, by entering a name in the text field. Service part Services can have several parts. You can, for example, select several specific services and include them in a given rule. Adding parts To add a part, click the plus icon in the part section of the Service Editor. Moving from one part to another You can move from one part to another by clicking either of the arrow icons, to move either forward or backward. Deleting parts To delete a part, it must be displayed. Click one of the arrow icons until the part you wish to delete is displayed. Click the trash can icon. A dialog box displays, asking if you really want to delete this part. Click Delete to delete the part, if not, click Cancel. Intego NetBarrier X3 User's Manual Page 228 Chapter 7 – Customized Protection Protocol Four different protocol suites can be selected from the pop-up menu: TCP, UDP, ICMP and IGMP. You can also select Any, which covers all protocols. When you select one of these protocol suites, another pop-up menu displays in the bottom section of the panel, with a list of services that you can select from. This menu depends on the protocol you have selected. For more information on these protocols and services, see chapter 9, Glossary. Port or Type There are two possibilities when selecting the Port, for TCP or UDP services, or Type, for ICMP or IGMP services. Any port or Any type If this is selected, the rule is active for all ports, or types. Specified port or Specified type You can also specify the port number, or type. Selecting different services automatically inserts their standard port numbers in this field. If you need to use a different port number, you can enter it manually. Intego NetBarrier X3 User's Manual Page 229 Chapter 7 – Customized Protection Intervals For TCP and UDP services, you can also enter a range of ports. If you select Interval, you must enter the lowest and highest port numbers you wish to use in the From and To interval fields. Allow Broadcast packets If this is checked, broadcast packets, which are packets sent to all computers on a local network, are included in this service. Deleting Services You can delete any services that you have created. To do so, select the service, and then click the trashcan icon. A dialog box displays, asking if you really want to delete that service. If so, click OK. If not, click Cancel. Intego NetBarrier X3 User's Manual Page 230 Chapter 7 – Customized Protection Interfaces The interface, for a rule, is the network adapter that the data passes through. This can be an Ethernet card, a wireless AirPort card, a PPP connection or any other type of network interface. You can choose from the interfaces that exist on your computer, or you can create your own interfaces. Type of Interface A pop-up menu lets you select from your available network interfaces. This menu may include any or all of the following. Built-in Ethernet This is your built-in Ethernet card, if you have one. AirPort This is your AirPort card, if you have one. Intego NetBarrier X3 User's Manual Page 231 Chapter 7 – Customized Protection Creating New Interfaces You can create new interfaces to use in your rules. To create a new interface, select Add new interface... from the Interface popup menu. The Interface Editor displays. To create a new interface, enter the following information. Interface name You may give the interface any name you wish, by entering a name in the text field. Interface part Interfaces can have several parts. You can, for example, include several interfaces in your custom interface, ensuring that a given rule acts on more than one interface at a time. Intego NetBarrier X3 User's Manual Page 232 Chapter 7 – Customized Protection Adding parts To add a part, click the plus icon in the part section of the Network Editor. Moving from one part to another You can move from one part to another by clicking either of the arrow icons, to move either forward or backward. Deleting parts To delete a part, it must be displayed. Click one of the arrow icons until the part you wish to delete is displayed. Click the trashcan icon. A dialog box displays, asking if you really want to delete this part. Click Delete to delete the part, if not, click Cancel. Intego NetBarrier X3 User's Manual Page 233 Chapter 7 – Customized Protection Type of Interface A pop-up menu lets you select either Any or Custom. If you want to create a custom interface, select Custom. Select the name of your interface and enter its number, then click OK to save this interface. Deleting Interfaces You can delete any interfaces that you have created. To do so, select the interface, and then click the trashcan icon. A dialog box displays, asking if you really want to delete that interface. Click Delete to delete the source, if not, click Cancel. Intego NetBarrier X3 User's Manual Page 234 Chapter 7 – Customized Protection Actions Two actions are possible for any rule: Allow or Deny. Select the action you wish to use for your rule by checking the appropriate radio button, at the bottom of the Rule Editor window. Deleting Rules If you wish to delete a rule, select the rule by clicking it, then click Remove... A dialog box displays, asking if you really want to delete this rule. Click OK. If you decide you do not want to delete this rule, click Cancel. Editing Rules If you wish to edit a rule, select the rule by clicking it, then click Edit... The Rule Editor will open, and you can make any changes you wish to this rule. When you have finished making changes, click OK to save your changes. If you decide you do not want to save the changes, click Cancel. Intego NetBarrier X3 User's Manual Page 235 Chapter 7 – Customized Protection Using the Stop Processing Function When you create a rule, and check the Log check box, the Stop processing check box is also activated. It is checked by default. If you leave it checked, the rules following the current rule are be verified. However, if you uncheck this check box, you can create a rule that logs incoming or outgoing traffic, but does not take any other action on the traffic. If the traffic's IP address or service corresponds to that selected in the rule, and the Stop processing check box is not checked, the traffic is logged, but nothing else is done to it. Note: you should be careful when creating rules for specific services. When you select a service for a specific program, it is possible that this program uses the same port as another program or service. Blocking or authorizing a specific service may conflict with other, more general rules. For example, if you wish to block ICQ traffic, selecting ICQ as a service will also block AOL Instant Messenger traffic since both programs use the same port. Other programs may also use the same ports. If you find that you cannot connect to a given service, or send or receive traffic, try deactivating your rules one by one to see if there is a conflict. Intego NetBarrier X3 User's Manual Page 236 Chapter 7 – Customized Protection Using the Rule Contextual Menu Intego NetBarrier X3 offers a contextual menu to work with firewall rules, which gives you quick access to many rule functions, and lets you make changes to rules with just a click. You can use this contextual menu to add new rules, to edit existing rules, or to change rule characteristics on the fly. To see this contextual menu, hold down the Control key and click on a rule. (If you have a two-button mouse, you can just click the right button of your mouse.) Intego NetBarrier X3 User's Manual Page 237 Chapter 7 – Customized Protection This contextual menu offers several options: Copy to Clipboard This lets you copy the contents of a rule to the clipboard. Insert Standard Set / Add Standard Set This lets you insert or add a standard set of rules. You can choose from five sets, in the submenu: No restrictions, No network, Client, local server, Server only, or Client only. State You can toggle the state of a rule, turning it On or Off. Behavior You can toggle the behavior of a rule, setting it to Allow or Deny traffic. Log You can toggle whether or not the rule records traffic information in the log. Switch Source & Destination This switches the source and destination of the rule. Duplicate This makes a copy of the rule. Edit… This lets you edit the rule using the Rule Editor window. Intego NetBarrier X3 User's Manual Page 238 Chapter 7 – Customized Protection Remove… This lets you delete the rule. Intego NetBarrier X3 User's Manual Page 239 Chapter 8 – Technical Support 8—Technical Support Intego NetBarrier X3 User's Manual Page 240 Chapter 8 – Technical Support Technical support is available for registered purchasers of Intego NetBarrier X3. By e-mail [email protected] From the Intego web site www.intego.com NetBarrier uses the EDCommon and EDInternet frameworks written by Erik Dörnenburg. Intego NetBarrier X3 User's Manual Page 241 Chapter 9—Glossary 9—Glossary Intego NetBarrier X3 User's Manual Page 242 Chapter 9—Glossary Address mask: A bit mask used to identify which bits in an IP address correspond to the network address and subnet portions of the address. Address mask reply: A reply sent to an address mask request. Address mask request: A command that requests an address mask. Bootp: The Bootstrap Protocol. A protocol used for booting diskless workstations. Bootp client: A computer operating as a Bootp client. Bootp server: A computer operating as a Bootp server. Broadcast packet: On an Ethernet network, a broadcast packet is a special type of multicast packet which all nodes on the network are always willing to receive. Chat: A system that allows two or more logged-in users to set up a typed, real-time, on-line conversation across a network. Client: A computer system or process that requests a service of another computer system or process (a "server"). For example, a workstation requesting the contents of a file from a file server is a client of the file server. Connection flood: An attack on a computer, where the sending system sprays a massive flood of packets at a receiving system, in an attempt to connect to it, more than it can handle, disabling the receiving computer. Cookie: file on your hard disk, which contains information sent by a web server to a web browser and then sent back by the browser each time it accesses that server. Typically, this is used to authenticate or identify a registered user of a web site without requiring them to sign in again every time they access that site. Other uses are, e.g. maintaining a "shopping basket" of goods you have selected to purchase during a session at a site, site personalization (presenting different pages to different users), tracking a particular user's access to a site. Datagram: A self-contained package of data that carries enough information to be routed from source to destination independently of any previous and subsequent exchanges. Datagram conversion error: An error in datagram conversion. Intego NetBarrier X3 User's Manual Page 243 Chapter 9—Glossary DNS: Domain Name System. Used by routers on the Internet to translate addresses from their named forms, such as www.intego.com, to their IP numbers. Echo: The request sent during a ping. Echo reply: The reply sent to an echo request. Finger: A program that displays information about a particular user on the Internet, or on a network. FTP: File Transfer Protocol. A protocol used for transferring files from one server to another. Files are transferred using a special program designed for this protocol, or a web browser. Gopher: A distributed document retrieval system, which was a precursor to the World Wide Web. Host: A computer connected to a network. HTTP: HyperText Transfer Protocol, the protocol used to send and receive information across the World Wide Web. ICMP: Internet Control Message Protocol. This protocol handles error and control messages sent between computers during the transfer process. IGMP: Internet Group Management Protocol. IMAP4: Internet Message Access Protocol. A protocol allowing a client to access and manipulate electronic mail messages on a server. It permits manipulation of remote message folders (mailboxes), in a way that is functionally equivalent to local mailboxes. Intranet routing: The process, performed by a router, of selecting the correct interface and next hop for a packet being forwarded on an Intranet. IP: The network layer for the TCP/IP protocol suite widely used on Ethernet networks and on the Internet. IP address: An address for a computer using the Internet Protocol. Irc: Internet Relay Chat. A medium for worldwide "party line" networks that allowing one to converse with others in real time. Intego NetBarrier X3 User's Manual Page 244 Chapter 9—Glossary Local network: A network of computers linked together in a local area. This may be a single building, site or campus. NETBIOS: Network Basic Input/Output System. A layer of software originally developed to link a network operating system with specific hardware. It can also open communications between workstations on a network at the transport layer. Network: A group of interconnected computers that can all access each other, or certain computers. This may be a local network, or a very large network, such as the Internet. NNTP: Network News Transfer Protocol. A protocol for the distribution, inquiry, retrieval and posting of Usenet news articles over the Internet. Ntp: Network Time Protocol. A protocol that assures accurate local timekeeping with reference to radio, atomic or other clocks located on the Internet. This protocol is capable of synchronizing distributed clocks within milliseconds over long periods. Packet: The basic unit of data sent by one computer to another across most networks. A packet contains the sender's address, the receiver's address, the data being sent, and other information. Ping: A program used to test reachability of computers on a network by sending them an echo request and waiting for a reply. Ping broadcast: An attack similar to a ping flood. See below. Ping flood: A ping attack on a computer, where the sending system sends a massive flood of pings at a receiving system, more than it can handle, disabling the receiving computer. Ping of death: An especially dangerous ping attack, that can cause your computer to crash. POP3: Post Office Protocol, version 3. POP3 allows a client computer to retrieve electronic mail from a POP3 server. Port scan: A procedure where an intruder scans the ports of a remote computer to find which services are available for access. Protocol: The set of rules that govern exchanges between computers over a network. There are many protocols, such as IP, HTTP, FTP, NNTP, etc. Intego NetBarrier X3 User's Manual Page 245 Chapter 9—Glossary Router: A device that forwards packets between networks, reading the addressing information included in the packets. Server: A computer connected to a network that is serving, or providing data or files to other computers called clients. Service: A network function available on a server, i.e. http, ftp, e-mail etc. SMTP: Simple Mail Transfer Protocol A protocol used to transfer electronic mail between computers. Spam: Unwanted e-mail messages, usually sent to thousands, even millions of people at a time, with a goal of selling products or services. TCP: Transmission Control Protocol. The most common data transfer protocol used on Ethernet and the Internet TCP/IP: The Internet version of TCP -TCP over IP. Telnet: The standard Internet protocol used for logging into remote computers. Tftp: Trivial File Transfer Protocol. A simple file transfer protocol used for downloading boot code to diskless workstations. Traceroute: A utility used to determine the route packets are taking to a particular host. UDP: User Datagram Protocol. An Internet protocol that provides simple but unreliable datagram services. Whois: An Internet directory service for looking up information on domain names and IP addresses. Intego NetBarrier X3 User's Manual Page 246