...

What is Intego NetBarrier X3?

by user

on
Category: Documents
37

views

Report

Comments

Transcript

What is Intego NetBarrier X3?
User's Manual
Intego NetBarrier X3 User's Manual
Page 1
Intego NetBarrier X3 for Macintosh
© 1999—2003 Intego, Inc. All Rights Reserved
Intego, Inc.
www.intego.com
This manual was written for use with Intego NetBarrier X3 software for Macintosh. This
manual and the Intego NetBarrier X3 software described in it are copyrighted, with all
rights reserved. This manual and the Intego NetBarrier X3 software may not be copied,
except as otherwise provided in your software license or as expressly permitted in writing
by Intego, Inc.
The Software is owned by Intego and its suppliers, and its structure, organization and code
are the valuable trade secrets of Intego and its suppliers. The Software is protected by
United States Copyright Law and International Treaty provisions.
Intego NetBarrier X3 User's Manual
Page 2
Contents
1- About Intego NetBarrier X3 .......................................................................................6
What is Intego NetBarrier X3?........................................................................................................ 7
Intego NetBarrier X3's Features.................................................................................................................. 7
Personal Firewall ........................................................................................................................................... 7
Antivandal ...................................................................................................................................................... 7
Data Filter ....................................................................................................................................................... 9
Intego NetBarrier X3's Privacy Protection................................................................................................ 9
Monitoring.................................................................................................................................................... 10
Using this User’s Manual .............................................................................................................. 11
2—Introduction to Computer Security........................................................................12
Why You Need to be Protected .................................................................................................... 13
How Can a Computer be Totally Safe? ................................................................................................... 14
What Is a Firewall?...................................................................................................................................... 14
Friend or Foe? .............................................................................................................................................. 15
What You Risk ................................................................................................................................. 15
Why People Break into Computers.......................................................................................................... 15
The Different Types of Attacks and Intrusions Possible...................................................................... 16
Privacy Protection............................................................................................................................ 17
3—Installation...............................................................................................................19
System Requirements..................................................................................................................... 20
Installing Intego NetBarrier X3.................................................................................................... 20
Registering Intego NetBarrier X3 ................................................................................................ 23
4—Quick Start ...............................................................................................................26
Intego NetBarrier X3's Setup Assistant ...................................................................................... 27
Using Intego NetBarrier X3 ....................................................................................................................... 36
Using the Intego NetBarrier X3 Overview Screen................................................................... 36
Resizing Intego NetBarrier X3 Windows................................................................................................ 39
Using the NetBarrier X3 Menu..................................................................................................... 40
Intego NetBarrier X3 Password Protection................................................................................ 42
Getting Help..................................................................................................................................... 42
Intego NetBarrier X3 User's Manual
Page 3
5—The 4 Lines of Defense .............................................................................................43
Firewall .............................................................................................................................................. 44
Firewall settings........................................................................................................................................... 45
The Log.......................................................................................................................................................... 47
Trojan Horse Protection ............................................................................................................................. 65
Antivandal......................................................................................................................................... 67
Options .......................................................................................................................................................... 68
Setting Ping Flooding Sensitivity ............................................................................................................. 70
Setting SYN Flooding Sensitivity ............................................................................................................. 71
Setting Port Scan Sensitivity...................................................................................................................... 72
Alerts .................................................................................................................................................. 73
Attack Counter............................................................................................................................................. 75
Alert Options................................................................................................................................................ 76
The Stop List................................................................................................................................................. 79
The Trusted Group...................................................................................................................................... 93
Application Control ......................................................................................................................106
Using the Applications Tab..................................................................................................................... 107
Trusting System Processes....................................................................................................................... 109
Privacy Filters.................................................................................................................................115
Data Filter ................................................................................................................................................... 116
Banner Filter ............................................................................................................................................... 124
Cookie Manager......................................................................................................................................... 129
Cleaning Browser Files............................................................................................................................. 134
Surf Filter .................................................................................................................................................... 136
Monitoring ......................................................................................................................................140
Traffic........................................................................................................................................................... 140
The Intego NetBarrier X3 Monitor Screen Saver ................................................................................. 158
Network ...................................................................................................................................................... 161
Whois ........................................................................................................................................................... 166
Traceroute ................................................................................................................................................... 167
NetUpdate .......................................................................................................................................169
Intego NetBarrier X3 User's Manual
Page 4
6—Preferences and Configurations............................................................................170
Intego NetBarrier X3 Preferences ..............................................................................................171
Interface....................................................................................................................................................... 172
Modem ........................................................................................................................................................ 173
Log Export Preferences ............................................................................................................................ 174
Traffic Export Preferences........................................................................................................................ 179
Whois ........................................................................................................................................................... 183
About Intego NetBarrier X3 ........................................................................................................185
Configuration Sets ........................................................................................................................186
Selecting the Active Configuration Set.................................................................................................. 186
Adding Configuration Sets...................................................................................................................... 187
Deleting Configuration Sets .................................................................................................................... 188
Renaming Configuration Sets ................................................................................................................. 189
Exporting Settings ..................................................................................................................................... 190
Importing Settings..................................................................................................................................... 190
7—Customized Protection..........................................................................................191
Using Intego NetBarrier X3’s Customized Mode ..................................................................192
User-configurable Firewall Options ...................................................................................................... 193
Rule Order .................................................................................................................................................. 193
Creating Rules with the Assistant.............................................................................................194
Using Predefined Rule Sets ..................................................................................................................... 206
Creating Rules................................................................................................................................208
Sources......................................................................................................................................................... 212
Destinations................................................................................................................................................ 218
Services........................................................................................................................................................ 225
Interfaces ..................................................................................................................................................... 231
Deleting Rules ............................................................................................................................................ 235
Editing Rules .............................................................................................................................................. 235
Using the Stop Processing Function ...................................................................................................... 236
Using the Rule Contextual Menu........................................................................................................... 237
8—Technical Support ..................................................................................................240
9—Glossary..................................................................................................................242
Intego NetBarrier X3 User's Manual
Page 5
Chapter 1 – About Intego NetBarrier X3
1- About Intego
NetBarrier X3
Intego NetBarrier X3 User's Manual
Page 6
Chapter 1 – About Intego NetBarrier X3
What is Intego NetBarrier X3?
Intego NetBarrier X3 is the Internet security solution for Macintosh computers running
Mac OS X. It offers thorough protection against intrusions coming across the Internet or a
local network.
Intego NetBarrier X3 protects your computer from intrusions by constantly filtering all the
activity that enters and leaves through the Internet or a network. Intego NetBarrier X3
protects you from thieves, hackers and intruders, and warns you automatically if any
suspicious activity occurs.
Intego NetBarrier X3's Features
Intego NetBarrier X3 has four lines of defense, to protect your computer and your
data from intrusions and attacks.
Personal Firewall
Intego NetBarrier X3 contains a personal firewall that filters data as it enters and leaves
your computer. A full set of basic filtering rules is used by default, and its Customized
protection mode allows you to create your own rules, if you need to.
Antivandal
Intego NetBarrier X3's Antivandal is a powerful guardian for your computer. It watches
over your computer's network activity, looking for signs of intrusion, and, if it detects
anything, stops the intruder in their tracks and sends you an alert. The Antivandal has
Intego NetBarrier X3 User's Manual
Page 7
Chapter 1 – About Intego NetBarrier X3
another powerful function, the Stop List, that records the address of any intruder who
attempts to get into your computer, and ensures that they cannot come back. Several
options allow you to choose the type of protection you have on your computer.
Alerts
Intego NetBarrier X3 stops all incoming data that is considered hostile. It can
display an alert dialogue, showing why the data was stopped, and asking you to
allow or deny it. You can also select other alert options, such as having Intego
NetBarrier X3 play a sound, put the host automatically in the Stop List or send an email message to the address(es) of your choice in the case of an alert.
Stop List
When an intruder is detected trying to break in to your computer, Intego NetBarrier
X3 allows you to put them on the Stop List, where their network address will be
saved, and if a computer with the same address tries to enter your computer again it
will be automatically blocked.
Trusted Group
In some cases, computers you know—friends, not foes—will be blocked by Intego
NetBarrier X3. These may be computers on your local network, blocked because
they are sending pings to your computer, for example. Intego NetBarrier X3 allows
you to put them in the Trusted Group, where they will be considered friends for as
long as you want, ensuring that computers on your network have full access to your
computer.
Application Control
Intego NetBarrier X3 lets you control Internet and network access by individual
applications. Whenever an untrusted application tries to connect to the network,
Intego NetBarrier X3 User's Manual
Page 8
Chapter 1 – About Intego NetBarrier X3
Intego NetBarrier X3 can display an alert, informing you which application is
making the connection. If you want to allow that application to access the
network—if it truly is an application you know should be using the network—then
you can do so. But if an application tries to connect surreptitiously, you can block it
permanently.
Data Filter
Intego NetBarrier X3 has a unique function that protects you and your information: its Data
Filter ensures that any sensitive information you choose to protect cannot leave your
computer and go onto a network. You decide what to protect, such as your credit card
number, passwords, or key words that appear in sensitive documents, and Intego NetBarrier
X3's Data Filter checks each outgoing packet to make sure that no documents containing
this information are sent. Not only does this protect you from accidentally sending
documents containing this information, it also prevents anyone who has network access to
your computer from taking copies of them.
Intego NetBarrier X3's Privacy Protection
Intego NetBarrier X3 helps protect your privacy. It can block ad banners and lets you
manage cookies, deleting them whenever you want. It can clean your browser's cache and
history files. And it has a unique feature that hides information about your computer: its
platform, which browser you are using, and the last web page you visited.
Intego NetBarrier X3 User's Manual
Page 9
Chapter 1 – About Intego NetBarrier X3
Monitoring
Intego NetBarrier X3 contains powerful tools for monitoring your network activity and
usage. Its activity gauges show your network traffic in real time, and its additional
monitoring functions give you essential information on your computer, its network, and the
services and connections that are active.
Intego NetBarrier X3 even offers a monitoring screen saver, so you can always keep on eye
on your network traffic.
Intego NetBarrier X3 User's Manual
Page 10
Chapter 1 – About Intego NetBarrier X3
Using this User’s Manual
You are a:
• Home user, connected to the Internet
If this is your situation, you should read chapter 2, Introduction to Computer
Security, and then go on to chapter 3, Installation, and chapter 4, Quick Start. If you
feel you have learned enough, you can stop there—Intego NetBarrier X3 is configured
to automatically protect your computer from intruders. If you want to know more, go on
and read chapter 5, The Four Lines of Defense.
• Business or Academic user, connected to a local network and the
Internet
If you are connected to a local network, you will want to read the above as well. Intego
NetBarrier X3's basic protection modes will probably be sufficient for you.
• Advanced user, using your computer as a server, or administering a
network
The entire manual concerns your situation, but you will especially want to read chapter
7, Customized Protection, to find out how to create your own rules.
There is a glossary at the end of the manual that defines the specific terms used.
Intego NetBarrier X3 User's Manual
Page 11
Chapter 2 – Introduction to Computer Security
2—Introduction to
Computer Security
Intego NetBarrier X3 User's Manual
Page 12
Chapter 2 – Introduction to Computer Security
Why You Need to be Protected
Whether you use your computer for work or just for surfing the Internet, whether you are
on-line all day long, or just occasionally, whether you are on a local network in a home
office, or part of a large corporation or educational institution, your computer contains
sensitive information. This may be anything from your credit card numbers to your bank
account information, contracts with customers or employees, confidential projects or e-mail
messages and passwords. No matter what you have on your computer that is for your eyes
only, there is somebody out there who would certainly find it interesting.
The more you use your computer for daily activities, whether personal or professional, the
more information it holds that should be protected.
Think of your computer as a house. You certainly lock your doors and windows when you
go out, but do you protect your computer in the same way? As long as you are connected to
a network, there is a way for wily hackers or computer criminals to get into it—unless you
protect it with Intego NetBarrier X3.
When your computer is connected to a network, whether it be a private, local network, or
the Internet, it is like a house on a street, with doors and windows. Intego NetBarrier X3
works like a lock, to protect those doors and windows. You never know who is watching
when you are connected to a web site. Maybe that gaming site, with the cheats you were
looking for, has a cracker behind it, who wants to snoop on your computer, to see if he can
find anything interesting. Or perhaps that stock market information site, where you went to
get company results, has a curious hacker watching who connects, and who enjoys messing
up people's computers just for fun.
Intego NetBarrier X3 User's Manual
Page 13
Chapter 2 – Introduction to Computer Security
Without Intego NetBarrier X3, you may never know if
anyone is trying to get into your computer.
A computer is only as secure as the people who have access to it. Intego NetBarrier X3
protects your computer by preventing unauthorized network access to your computer, and
by protecting against unauthorized export of private information.
How Can a Computer be Totally Safe?
It has been said that the only truly secure computer is one that is switched off and
unplugged, locked in a titanium-lined safe, buried in a concrete bunker, and surrounded by
nerve gas and very highly-paid armed guards. Obviously, this is not practical—if you have
a computer, you want to be able to use it.
But Intego NetBarrier X3 provides a level of protection that goes far beyond what most
users need, and its customizable rules make it a powerful tool for system and network
administrators, allowing them to adapt the protection to their specific needs.
What Is a Firewall?
A firewall is, as its name suggests, like a wall. It protects your computer or network by
separating users into two groups—those inside the wall, and those outside. It is configured
to determine what access outsiders have to computers inside the wall, and what access
insiders have to computers and networks on the other side of the wall.
A firewall is a kind of filter that acts between your computer, or network, and a wide area
network such as the Internet. It functions by filtering packets of data, and examining where
they come from and where they are going.
Intego NetBarrier X3 User's Manual
Page 14
Chapter 2 – Introduction to Computer Security
Intego NetBarrier X3 allows advanced users to configure specific rules, to protect against
foes that wish to infiltrate your computer.
Friend or Foe?
Every wall has to have a gate so people can get in and out. Intego NetBarrier X3's
Antivandal acts as a filter, or a guard standing at the gate in the wall, checking all incoming
and outgoing data for signs of hackers, crackers, vandals, spies, intruders and thieves. This
can be done because there are many "standard" ways to enter an unprotected computer, and
Intego NetBarrier X3 knows these methods.
What You Risk
Why People Break into Computers
People break into computers for many reasons. Sometimes this is done just to get into more
systems; by hopping between many computers before breaking into a new one, crackers
hope to confuse any possible pursuers and put them off the scent. There is an advantage to
be gained in breaking into as many different sites as possible, in order to "launder" your
connections.
Another reason is that some people simply love to play with computers and stretch them to
the limits of their capabilities. This is a bit like people who write graffiti on walls—they
just want to do it because it’s there.
But the more serious invaders are real criminals. These may be competitors, looking for
information on your company's activities, projects or customers; thieves, looking for
Intego NetBarrier X3 User's Manual
Page 15
Chapter 2 – Introduction to Computer Security
passwords and credit card numbers; or simply spies. While most companies have computer
security policies, few of them think of protecting data on their employees' home
computers—but these computers often have sensitive documents that employees have
brought home from work.
Unfortunately, we live in a world where anything of value is a target for thieves. Since
today's economy is built around information, it is obvious that information has become the
latest target. Here's a simple example: last year, on Mother's Day, you sent your mother, or
maybe your wife, some flowers. You ordered by fax, because you don't trust sending your
credit card number over the web. But the document that you typed, containing your credit
card number, is still on your hard disk. If someone found it, they would have your credit
card number, and you might become a victim of fraud.
The Different Types of Attacks and Intrusions Possible
There are many reasons why people attempt to obtain entry into other people's computers,
and many ways to do so. Here are some of them:
• Stealing confidential documents or information.
• Executing commands on your computer that modify the system, erase your hard
disk, or disable your computer.
• Hacking web sites, by replacing pages with different text and graphics.
• Launching denial-of-service attacks that can render your computer temporarily
unusable.
• Getting information about your computer, that will allow someone to break into
your network, or your computer, at a later time.
Intego NetBarrier X3 User's Manual
Page 16
Chapter 2 – Introduction to Computer Security
Privacy Protection
One thing you don't notice when you surf the Internet is how much personal information
different web sites try to get from you. You can clearly see the ones that openly ask you to
register to use them; you enter a user name and a password, and sometimes your name,
address, and other information as well. This information is often used to trace your
behavior, to find what your interests are, and to market products and services to you.
More and more Internet users refuse to give web sites this kind of information. Sometimes
you learn the hard way: you register at a web site, and end up getting spam, e-mail about
things you never requested. By then, it's usually too late.
But web sites have other ways of getting information about you and your behavior. Did you
know that your browser sends information to web sites telling which operating system you
are using, which browser you are surfing with, and even the last web page you visited?
Then there are cookies. A cookie is a file on your hard disk, which contains information
sent by a web server to a web browser and then sent back by the browser each time it
accesses that server. Typically, this is used to authenticate or identify a registered user of a
web site without requiring them to sign in again every time they access that site. Other uses
are maintaining a "shopping basket" of goods you have selected to purchase during a
session at a site, site personalization (presenting different pages to different users), or
tracking a particular user's access to a site.
While cookies can have legitimate uses, as we have seen above, unscrupulous web sites use
them to collect data on your surfing habits. They sell this data to companies that will then
target you specifically for products and services that correspond to these habits, or even
ensure that when you surf on certain sites, you see ad banners that match these habits.
Intego NetBarrier X3 User's Manual
Page 17
Chapter 2 – Introduction to Computer Security
Intego NetBarrier X3's approach to privacy is simple: it provides you with the means to
prevent certain information from being recorded without your knowledge.
Intego NetBarrier X3 User's Manual
Page 18
Chapter 3 – Installation
3—Installation
Intego NetBarrier X3 User's Manual
Page 19
Chapter 3 – Installation
System Requirements
• Any officially-supported Mac OS X compatible computer
• Mac OS X 10.1.1 or higher, or Mac OS X Server 10.1.1 or higher
• 25 MB free hard disk space
• Minimum screen resolution 800 x 600
Installing Intego NetBarrier X3
Installing Intego NetBarrier X3 is very simple. Insert the Intego NetBarrier X3 CD-ROM in
your computer's CD-ROM drive. (If you have purchased Intego NetBarrier X3 by
download, you will have a disk image file, called Intego NetBarrier X3.dmg. Double-click
this file to open the disk image, which will mount on the desktop.) A window opens,
containing a series of folders, one for each language. Double-click the folder for your
language, and you'll see the Intego NetBarrier X3 installer, the Read me file, and the Intego
NetBarrier X3 manual (this file).
First, read the Read me file, for any late-breaking changes.
Then, double-click the Intego NetBarrier X3 installer.
Intego NetBarrier X3 User's Manual
Page 20
Chapter 3 – Installation
You will see a window informing you that you must enter an administrator’s password to
install Intego NetBarrier X3. Enter your password in the dialog that is displays or click the
lock to enter your password (OS X 10.1). Enter your password, then click OK. The
following window displays:
Click Continue to proceed with installation. The Intego software license displays. Click
Continue, then click Agree if you accept this license; if not, click Disagree, and the installer
will quit.
Intego NetBarrier X3 User's Manual
Page 21
Chapter 3 – Installation
The next window shows all the available disks or volumes on your computer. Select the
disk or volume where you want to install Intego NetBarrier X3, then click Continue.
Click Install to install Intego NetBarrier X3. This performs a basic installation. If you wish
to perform a custom installation, click Customize. The following window displays:
This window lets you choose which items will be installed. As you can see, the Common
Intego Services check box is grayed out, because this must be installed. You have the
choice of installing either Intego NetBarrier X3, NetUpdate or both.
After installation, you will have to restart your computer.
Intego NetBarrier X3 User's Manual
Page 22
Chapter 3 – Installation
Registering Intego NetBarrier X3
When you restart your computer, open Intego NetBarrier X3—it is found in your
Applications folder. Intego NetBarrier X3 will open its Registration program, and display
the following window:
Since Mac OS X is a multi-user operating system, not all users have the same privileges.
When starting up Intego NetBarrier X3 for the first time, any user can enter the serial
number, but only a user with administrator privileges can configure the program.
You must enter your name, company, if any, and your serial number. The serial number is
found on a sticker on the Intego NetBarrier X3 CD. When registration is completed, Intego
NetBarrier X3 will open, and, if you are an administrator, you can configure the program.
Intego NetBarrier X3 User's Manual
Page 23
Chapter 3 – Installation
Using Intego NetBarrier X3 in Evaluation Mode
Intego NetBarrier X3 offers an evaluation mode, to allow you to discover how it works
before purchasing the program. To use Intego NetBarrier X3 in evaluation mode, click
Cancel when the registration screen displays. Intego NetBarrier X3 then displays a screen
asking if you want to run the program in Evaluation mode. If you do, click Evaluation
mode; if not, click Cancel.
When Intego NetBarrier X3 runs in evaluation mode, it functions for 30 days. At the end of
this period, you can either purchase a license for Intego NetBarrier X3 or delete the
program.
Intego NetBarrier X3 User's Manual
Page 24
Chapter 3 – Installation
You can find out how much time is left in your evaluation session by choosing About
Intego NetBarrier X3 from the Intego NetBarrier X3 menu. The About screen tells you that
the program is in evaluation mode, and shows the time remaining in evaluation mode.
If you wish to purchase a license for Intego NetBarrier X3, click the Buy Now... button on
the about window to go to the Intego web site.
Intego NetBarrier X3 User's Manual
Page 25
Chapter 4 – Quick Start
4—Quick Start
Intego NetBarrier X3 User's Manual
Page 26
Chapter 4 – Quick Start
Intego NetBarrier X3's Setup Assistant
When you first open Intego NetBarrier X3, the program's Setup Assistant launches to help
you quickly and easily adjust Intego NetBarrier X3's basic settings so they are adapted to
your network usage.
Intego NetBarrier X3 User's Manual
Page 27
Chapter 4 – Quick Start
The Intego NetBarrier X3 Setup Assistant walks you through a series of steps to configure
the program:
• Computer Info
• Services
• Connection
• Cable Connection
• Alert Notification
• E-mail Info
• Conclusion
Click the right arrow to begin configuring Intego NetBarrier X3. You can click the left
arrow at any time to return to previous screens.
Or click Skip to start Intego NetBarrier X3 without using the Setup Assistant.
Intego NetBarrier X3 User's Manual
Page 28
Chapter 4 – Quick Start
Computer Info
This screen asks you some questions about how you use your Macintosh.
Choose the profile that best fits your usage.
Click the right arrow to go to the next screen.
Intego NetBarrier X3 User's Manual
Page 29
Chapter 4 – Quick Start
Services
This screen asks whether your Macintosh is running a web server.
If you have enabled Personal Web Sharing in the Sharing System Preferences pane, click
Yes. If not, click No.
Click the right arrow to go to the next screen.
Intego NetBarrier X3 User's Manual
Page 30
Chapter 4 – Quick Start
Connection
This screen asks you how your Macintosh is connected to the Internet.
Choose the appropriate connection method.
Click the right arrow to go to the next screen.
Intego NetBarrier X3 User's Manual
Page 31
Chapter 4 – Quick Start
Cable Connection
If you checked Cable on the previous screen, the Cable Connection screen displays. This
screen asks if you have a limit on data uploads.
If you have a limit on your data uploads, and wish to have Intego NetBarrier X3 notify you
when you reach this limit, check Yes, notify me, and enter your monthly limit in the field.
Click the right arrow to go to the next screen.
Intego NetBarrier X3 User's Manual
Page 32
Chapter 4 – Quick Start
Alert Notification
This screen asks you how you want Intego NetBarrier X3 to react when it detects an
intrusion or attack.
Choose the action you want Intego NetBarrier X3 to take from the choices proposed.
Click the right arrow to go to the next screen.
Intego NetBarrier X3 User's Manual
Page 33
Chapter 4 – Quick Start
Mail Info
If you checked Send an e-mail on the previous screen, this screen asks you to enter e-mail
information so Intego NetBarrier X3 can send e-mail alerts.
Enter your e-mail address and mail server in the appropriate fields.
Click the right arrow to go to the next screen.
Intego NetBarrier X3 User's Manual
Page 34
Chapter 4 – Quick Start
Conclusion
This final screen configures Intego NetBarrier X3 according to your choices.
Click Configure to configure Intego NetBarrier X3 and exit the assistant. Click the left
arrow to return to any of the previous screens to make changes.
Intego NetBarrier X3 User's Manual
Page 35
Chapter 4 – Quick Start
Using Intego NetBarrier X3
After you have configured Intego NetBarrier X3 with the Setup Assistant, Intego
NetBarrier X3 opens and displays its Overview screen.
Using the Intego NetBarrier X3 Overview Screen
When you open Intego NetBarrier X3, the program displays its Overview screen (see
above). This screen gives you quick access to Intego NetBarrier X3's functions and a
summary of all its settings. The Overview screen lets you check on Intego NetBarrier X3 in
a glance. Each section of the Overview screen shows information corresponding to one of
the four lines of defense.
Intego NetBarrier X3 User's Manual
Page 36
Chapter 4 – Quick Start
The Firewall section of the Overview screen gives you information
about Firewall, Log and Trojan settings.
The Antivandal section of the Overview screen gives you information
about Alerts, the Stop List, the Trusted Group and Application
blocking.
The Privacy section of the Overview screen gives you information
about Data, Banner, Cookie and Surf filters, and tells you the last time
you cleaned out your cache files and histor files.
The Monitoring section of the Overview screen gives you information
about Incoming and Outgoing traffic.
Intego NetBarrier X3 User's Manual
Page 37
Chapter 4 – Quick Start
In addition, two other buttons give you access to other features of Intego NetBarrier X3:
The NetUpdate section of the Overview screen gives you information
about the version of Intego NetBarrier X3 you have installed, the last
time you checked for an update and the available version.
You can return to the Overview screen at any time, no matter which
screen is open, by clicking the Overview button.
The Overview screen also provides one-click access to all of Intego NetBarrier X3's
windows and tabs. As you move your cursor over the white text labels, you'll notice that
these labels become underlined. Just click one of these labels to go directly to its window or
tab.
Click any of the buttons on the left of the window to return to those windows, or click the
Overview button to return to the Overview screen.
Intego NetBarrier X3 User's Manual
Page 38
Chapter 4 – Quick Start
Resizing Intego NetBarrier X3 Windows
With the exception of the Overview window, all of Intego NetBarrier X3's windows are
resizable. To change the size of a window, click the lower-right corner of the window and
drag it to the size you want.
You can decrease the size of any window by dragging to make it smaller.
Intego NetBarrier X3 User's Manual
Page 39
Chapter 4 – Quick Start
Using the NetBarrier X3 Menu
Intego NetBarrier X3 installs a menu in your menu bar, offering you quick access to many
of the program's functions. (You can turn off this menu in the Intego NetBarrier X3
preferences; see Chapter 6, Preferences and Configurations, for more.) Click the Intego
NetBarrier X3 icon in the menu bar to display the menu.
Intego NetBarrier X3 User's Manual
Page 40
Chapter 4 – Quick Start
You can set the active firewall mode from this menu by selecting one of the six
possibilities. When you do this, the menu bar icon changes to show which firewall mode is
active.
No Restrictions
No Network
Client, Local Server
Server Only
Client Only
Customized
You can also turn on or off certain functions of Intego NetBarrier X3 by selecting them
from the menu. A check mark in the menu shows that the function is on. For example, to
turn on the Banner Filter, select that item in the menu. It will display a check showing it is
active.
You can also select configurations from the Intego NetBarrier X3 menu. See Chapter 6,
Preferences and Configurations, for more on creating and using configurations.
And you can open Intego NetBarrier X3 from this menu by selecting Open Intego
NetBarrier X3...
Intego NetBarrier X3 User's Manual
Page 41
Chapter 4 – Quick Start
Intego NetBarrier X3 Password Protection
Intego NetBarrier X3 uses built-in Mac OS X password protection. In order to install and
configure the program, the user must have administrator’s rights, and log in with an
administrator’s name and password. Other users, who do not have administrator’s rights,
cannot change any of Intego NetBarrier X3’s settings or preferences. These users can view
such things as logs and traffic gauges, but this protection ensures that unauthorized users
cannot make changes to the program’s operation.
Getting Help
You can get help on some of Intego NetBarrier X3’s functions by holding your cursor over
certain texts and zones:
A Tool Tip displays explaining the various functions and features.
You can also get help in this manual, or by checking the Intego web site: www.intego.com.
Intego NetBarrier X3 User's Manual
Page 42
Chapter 5 — The 4 Lines of Defense
5—The 4 Lines of
Defense
Intego NetBarrier X3 User's Manual
Page 43
Chapter 5 — The 4 Lines of Defense
Intego NetBarrier X3 is a powerful, easy-to-use program that protects your computer when
connected to a network. It offers four lines of defense to protect your computer from
intrusions and attacks.
Firewall
Intego NetBarrier X3 contains a personal firewall. This is a powerful program that filters all
the data packets that enter or leave your computer, to or from the Internet or a local TCP/IP
network, to allow or prevent data going to and coming from specific sources and
destinations. It also protects you from Trojan Horses by blocking the ports they use.
To view the Firewall screen, click the Firewall button on the left of the main interface. The
Firewall screen displays, with its three tabs: General, Log and Trojans.
Intego NetBarrier X3 User's Manual
Page 44
Chapter 5 — The 4 Lines of Defense
Firewall settings
Intego NetBarrier X3's Firewall has 6 different settings that correspond to the way you use
your computer. The first five settings, which use preprogrammed rules, cover all the
situations that you will encounter in normal use. The last setting, Customized, allows you
to design your own rules, to precisely control access to and from your computer.
No restrictions
In this mode, there are no restrictions, and Intego NetBarrier X3's Firewall allows
all incoming and outgoing network data to be sent and received. If you select this
setting, it is as if the Firewall were turned off.
No network
In this mode, Intego NetBarrier X3's Firewall prevents all data from entering or
leaving your computer to or from the Internet or a local TCP/IP network. This is
useful if you are away from your computer and wish to protect it totally.
Client, local server
In this mode, Intego NetBarrier X3's Firewall protects your computer when it is
functioning as a client and local network server. Activity between your computer
and the Internet is available, as a client, and you can be both client and server on a
local network.
Intego NetBarrier X3 User's Manual
Page 45
Chapter 5 — The 4 Lines of Defense
Server only
In this mode, Intego NetBarrier X3's Firewall protects your computer when it is
functioning only as a server. The client functions of your computer are blocked.
Client only
In this mode, Intego NetBarrier X3's Firewall protects your computer when it is
functioning only as a client on a local network, or when you are connected to the
Internet. The server functions of your computer are blocked.
Customized
This setting gives you access to Intego NetBarrier X3's most powerful features, by
allowing you to create your own custom Firewall rules. But, since this setting gives
access to such powerful possibilities for creating rules, it should only be used by
experienced network administrators. For more on Customized mode, see chapter 7,
Customized Protection.
Intego NetBarrier X3 User's Manual
Page 46
Chapter 5 — The 4 Lines of Defense
The Log
How the Log Works
The Log shows a record of all the activity where Intego NetBarrier X3 has acted. It lists
each time that there has been an incident, the address of the intruder, and the kind of
incident recorded.
Intego NetBarrier X3 User's Manual
Page 47
Chapter 5 — The 4 Lines of Defense
Selecting What to Display in the Log
You can choose what type of information is displayed in the Log. Checking any of the
following check boxes will display related activity. If any of them are unchecked, their
activity will not be displayed.
General
This is general Intego NetBarrier X3 activity, such as Intego NetBarrier X3 startup
and alerts.
Firewall
Intego NetBarrier X3 logs all firewall activity, when rules are applied, if logging has
been activated in the rules.
Networking
Intego NetBarrier X3 logs all connections to networks or the Internet, and when IP
addresses in the Stop List attempt to connect to your computer.
Intego NetBarrier X3 User's Manual
Page 48
Chapter 5 — The 4 Lines of Defense
Domain Name Resolution
Intego NetBarrier X3 helps you track down intruders by resolving domain names of your
connections. Internet addresses exist in two forms: numbers, such as 255.255.0.0, and
names, such as intego.com. The correspondence between the two is recorded in domain
name servers all across the Internet.
When Name Resolution is checked in the Log panel, Intego NetBarrier X3 will attempt to
find the names for each of the Internet addresses shown in the log. If found, these domains
will then be displayed in their name form, rather than as numbers.
Note: Intego NetBarrier X3 is not always able to resolve the names of some Internet
addresses, since not all such addresses have name equivalents.
Intego NetBarrier X3 User's Manual
Page 49
Chapter 5 — The 4 Lines of Defense
Expert Mode
If you choose to display the log in Expert Mode, Intego NetBarrier X3 displays additional
columns in the log. These columns are Source, Protocol, Source Port, Destination Port,
Flags and Interface.
Pausing the Log
If you have many connections entering and leaving your computer, you may find it difficult
to follow the log as it displays. To help you view the log, click the Pause button. The log
display stops but the log keeps recording data. Click the Pause button again to resume realtime display.
Intego NetBarrier X3 User's Manual
Page 50
Chapter 5 — The 4 Lines of Defense
Changing the Log Display
You can sort the Log by any of its columns by clicking on the header just above the
column.
You can also sort it in ascending or descending order by clicking the sort button, the small
triangle in the selected sort column header.
You can drag any of the columns to change their order. To do this, click one of the column
headers and drag it where you want, then release your mouse button.
You can change the width of any of the Log's columns. To do this, move the cursor to the
line between two columns. The cursor will change, showing that you can move this
Intego NetBarrier X3 User's Manual
Page 51
Chapter 5 — The 4 Lines of Defense
boundary. Click the cursor and drag in either direction to make a column wider or
narrower.
You can expand the list display by clicking the zoom box on the right side of the list. The
list will expand, covering the area above it, giving you a display with more lines. To reduce
the list display, click the zoom box again. It will return to its normal size.
Intego NetBarrier X3 User's Manual
Page 52
Chapter 5 — The 4 Lines of Defense
Understanding the Log
Each Log entry contains 4 different items:
Icons
The Green icon indicates General activity.
The Yellow icon indicates Firewall activity.
The Red icon indicates Network activity.
Date & Time
This is the date and time of the incident.
Network Address
This is the originating IP address of the incident. If you have checked Name
resolution, you will see the domain names for those addresses that Intego NetBarrier
X3 was able to resolve.
Kind
This is the kind of incident reported.
When the Log displays its contents in Expert mode, it shows additional columns:
Protocol
This is TCP, UDP, ICMP or IGMP.
Src Port
The source port, or the port by which the data is sent.
Intego NetBarrier X3 User's Manual
Page 53
Chapter 5 — The 4 Lines of Defense
Dest Port
The destination port, or the port to which the data is sent.
Flags
This displays the following TCP flags: A (acknowledge), S (synchronize sequence
number), F (end of data), or R (reset).
Interface
This is the network interface used to send the data. If you have more than one
network interface (such as an Ethernet card and an AirPort card) this specifies the
interface. If you only have one interface this column always displays the same
information.
Clearing the Log
To clear the Log, and erase all information stored in the Log, click Clear...; a dialog
displays asking if you really want to clear the Log. Click Clear to clear the Log, or click
Cancel to cancel the operation.
Intego NetBarrier X3 User's Manual
Page 54
Chapter 5 — The 4 Lines of Defense
Selecting Log Data
You can select log data to copy, and paste into another program or to drag into another
window. You can make multiple selections in the Log window. To do this, select one item,
hold down the Shift key, and select another item a few lines away. All the lines between the
beginning and the end of your selection will be highlighted. To make a non-contiguous
selection, hold down the Command key and select several non-contiguous lines.
After you have selected log data, you can copy it, if you wish to paste it into another
application, or drag and drop it into another application's window, or on the desktop.
Intego NetBarrier X3 User's Manual
Page 55
Chapter 5 — The 4 Lines of Defense
Log Window Contextual Menu
If you hold down the control key and click any Log entry a contextual menu displays.
This menu allows you to do the following:
Copy to Clipboard
If you select Copy to Clipboard from the contextual menu, the content of this line
will be copied to the clipboard. You can then paste it into any application or
document.
Add to Trusted Group
If you select Add to Trusted Group from the contextual menu, the IP address will be
added to the Trusted Group. For more on the Trusted Group, see the Trusted Group
section later in this chapter.
Intego NetBarrier X3 User's Manual
Page 56
Chapter 5 — The 4 Lines of Defense
Add to Stop List
If you select Add to Stop List from the contextual menu, the IP address will be
added to the Stop List. For more on the Stop List, see the Stop List section later in
this chapter.
Find Domain Info
If you select Find Domain Info from the contextual menu, Intego NetBarrier X3 will
switch to the Whois tab and look up the domain name or IP address using its Whois
function. For more on Whois, see the Whois section later in this chapter.
Find Route
If you select Find Route from the contextual menu, Intego NetBarrier X3 will
switch to the Traceroute tab and look up the route between your computer and the
IP address in the log.
Intego NetBarrier X3 User's Manual
Page 57
Chapter 5 — The 4 Lines of Defense
Exporting the Log
You can export log data in several formats. When doing a manual export, only the data
displayed is exported—if you have only checked, say, Firewall in the Log panel, only
Firewall data will be exported. (You can also have the Log data exported automatically. For
more on this, see chapter 6, Log Export Preferences.)
To export Log data, click the Export... button. A dialog will prompt you to save the file;
you may change its name if you wish. Choose where you wish to save it—by default, all
export files are saved to the current user’s Documents folder.
Logs can be exported in six formats. Click the Format popup menu to select the export
format.
You can choose from the following formats:
Expert HTML
This is the log in HTML format with additional columns. It shows that same
information as the log when in Expert mode.
Intego NetBarrier X3 User's Manual
Page 58
Chapter 5 — The 4 Lines of Defense
Expert Text
This is the log in text format with additional columns. It shows that same
information as the log when in Expert mode, and has tabs separating the columns,
which can be easily imported into a spreadsheet.
HTML
This is the log in HTML, which is readable by any web browser, and is presented in
table form.
Analytic
This is similar to Expert Text format, without tab separators, but with labels in front
of some fields.
Text
This is the log in text format, which can be read by any word processor.
Who's there?
This format saves the log as a text file, with the following information:
DATE:
The date of the connection.
TIME:
The time of the connection.
RESULT:
The result of the connection.
HOSTNAME:
The host IP address.
SERVER_PORT:
The server port used for the connection.
METHOD:
The type of connection; TCP or UDP.
Click Save. You will now have a copy of your log that you can open with any word
processor (text), spreadsheet (text) or web browser (HTML).
Intego NetBarrier X3 User's Manual
Page 59
Chapter 5 — The 4 Lines of Defense
Displaying the Log Window
The Log window can be displayed alone, without the rest of Intego NetBarrier X3’s
interface. To do this, select Show Log Window from the Window menu. This displays the
Log in a new window that you can resize, to make it easier to view long logs.
You can also display the Log window at any time by pressing Command+Option+L.
Intego NetBarrier X3 User's Manual
Page 60
Chapter 5 — The 4 Lines of Defense
Using the Log Window Toolbar
When you display the log window, Intego NetBarrier X3 offers you additional tools in the
log window toolbar. These tools let you filter log data, and print, export and clear the log.
To see this toolbar, select View > Show Toolbar.
To hide the toolbar, select View > Hide Toolbar.
Printing the Log
To print the entire log, click the Print button in the log window toolbar. This displays a
standard print dialog where you can choose printing options according to the type of printer
you have.
Intego NetBarrier X3 User's Manual
Page 61
Chapter 5 — The 4 Lines of Defense
Exporting the Log
To export the entire log, click the Export button in the log window toolbar. This lets you
export the log in any of six formats. For more on these formats, see Exporting the Log
above.
Clearing the Log
To clear the Log, and erase all information stored in the Log, click the Clear button in the
log window toolbar. A dialog displays asking if you really want to clear the Log. Click
Clear to clear the Log, or click Cancel to cancel the operation.
Filtering Data in the Log Window
The log window toolbar contains a search field that lets you filter data in the log window
according to several criteria, displaying only those entries that contain the selected criteria.
You can search for log entries by any of the following criteria:
• Source address
• Destination address
• Source port
• Destination port
• Interface
• Protocol
Intego NetBarrier X3 User's Manual
Page 62
Chapter 5 — The 4 Lines of Defense
To search for log data containing any of these criteria, click the disclosure triangle next to
the Search icon.
Select the criteria you want to search for, then enter a search string in the Search field. You
don't need to enter the entire string; the display is dynamic, and automatically narrows
down the log data as you enter characters in the search field.
Intego NetBarrier X3 User's Manual
Page 63
Chapter 5 — The 4 Lines of Defense
In the example below, entering 195 in the search field sorts the log data so only those lines
with 195 in the destination address display.
This dynamic filtering only works from the beginning of an entry; entering 166 would not
produce the display in the example above.
To clear the search field and begin a new search, click the Clear button in the search field.
Intego NetBarrier X3 User's Manual
Page 64
Chapter 5 — The 4 Lines of Defense
Trojan Horse Protection
Trojan Horses are applications that are surreptitiously installed on your computer, either by
virus-laden attachments you receive with e-mail messages, or by other programs, which
may be shareware or freeware programs. In some cases, programs install a specific type of
Trojan Horse, known as spyware, which sends personal information to a server. Since the
connection is made from your computer, it is generally trusted; but Intego NetBarrier X3
knows how to spot the actions of the most common Trojan Horses and block them in their
tracks. There have been cases where such programs have sent information on users’
browsing habits to a central server; other Trojan Horses open backdoors in your computer
that allow hackers to take control of it or delete files.
Intego NetBarrier X3 User's Manual
Page 65
Chapter 5 — The 4 Lines of Defense
To turn on Trojan Horse protection, click the On button, then click the names of the Trojans
to select them.
To find out what the different Trojans do, and how they act, click one of their names. The
Info section, to the right, displays a brief description of the Trojan and its activity, and also
tells which port(s) the Trojan uses. If you are having network problems with specific ports,
try and uncheck the protection against Trojans that use these ports.
You can also enable Trojan blocking for an individual Trojan horse, or for all Trojan
horses, by holding down the Control key on your keyboard and clicking on the name of a
Trojan. A contextual menu displays.
Select Enable to enable protection for the selected Trojan horse, or select Enable All to
enable protection for all Trojan horses. You can disable protection for individual Trojan
horses or all Trojan horses in the same manner.
Intego NetBarrier X3 User's Manual
Page 66
Chapter 5 — The 4 Lines of Defense
Antivandal
Intego NetBarrier X3's Antivandal watches over all the data entering your computer, and
filters it, looking for signs of intrusion. This filtering is transparent—the only time Intego
NetBarrier X3 will show itself is if suspicious data is detected. If this occurs, an alert
displays. Otherwise, Antivandal silently monitors your computer's network activity at all
times.
Intego NetBarrier X3 User's Manual
Page 67
Chapter 5 — The 4 Lines of Defense
Options
The Antivandal panel has several options that affect Intego NetBarrier X3's anti-intrusion
protection.
Stop unknown protocols
If this is checked, any unknown protocols are automatically blocked.
Protect against ping attacks
If this is checked, hostile pings are automatically blocked. Pings are accepted, but if
the number or frequency of pings exceeds Intego NetBarrier X3's limits, they are
blocked.
Protect against port scans
If this is checked, port scanning is automatically blocked. You may want to leave
this unchecked if your computer is functioning as a server.
Protect against SYN flooding
If this is checked, the number of connections is automatically limited. This prevents
connection flood denial of service attacks.
Intego NetBarrier X3 User's Manual
Page 68
Chapter 5 — The 4 Lines of Defense
Deny Apple Remote Desktop Control
If this is checked, Intego NetBarrier X3 blocks all requests to use Apple Remote
Desktop software.
Protect against intrusion attempts
If this is checked, Intego NetBarrier X3 displays an alert if three incorrect password
requests are sent to your machine, in an attempt to connect to it, in a given period of
time. This applies to connection attempts to Web Sharing, File Sharing or FTP.
Stealth mode (prohibit ping replies)
If this is checked, your computer will be invisible to other computers on the Internet
or on a local network. You will not, however, be anonymous—any requests you
send to other hosts will include your computer's IP address.
Allow PORT mode FTP transfers
If this is checked, you will be able to make FTP transfers when functioning in Client
only Firewall mode.
Detect IIS Attacks
If this is checked, Intego NetBarrier X3 detects CodeRed and nimda requests sent to
your computer if it is configured as a web server, or if you have a server expecting
calls to HTTP ports. This protects you from denial of service attacks.
Intego NetBarrier X3 User's Manual
Page 69
Chapter 5 — The 4 Lines of Defense
Setting Ping Flooding Sensitivity
You can adjust the sensitivity of Intego NetBarrier X3's ping flooding protection. If your
computer is on a network, it is normal that your network administrator ping your computer
from time to time. However, if your computer is isolated, it is rare that it be pinged. One
exception is if you have a cable connection; your ISP might ping your computer to check if
it is on-line.
To adjust the ping flooding sensitivity, click one of the bars. The bar will be colored green,
yellow or red, indicating the level of protection. If you are on a network and get too many
alerts, you should lower the ping flooding sensitivity.
Intego NetBarrier X3 User's Manual
Page 70
Chapter 5 — The 4 Lines of Defense
Setting SYN Flooding Sensitivity
You can adjust the sensitivity of Intego NetBarrier X3's SYN flooding protection.
To adjust the SYN flooding sensitivity, click one of the bars. The bar will be colored green,
yellow or red, indicating the level of protection. If your computer functions as a server, and
you get too many alerts, you should lower the SYN flooding sensitivity.
Intego NetBarrier X3 User's Manual
Page 71
Chapter 5 — The 4 Lines of Defense
Setting Port Scan Sensitivity
You can adjust the sensitivity of Intego NetBarrier X3's port scan protection.
To adjust the port scan sensitivity, click one of the bars. The bar will be colored green,
yellow or red, indicating the level of protection. If you are on a network and get too many
alerts, you should lower the port scan sensitivity.
Intego NetBarrier X3 User's Manual
Page 72
Chapter 5 — The 4 Lines of Defense
Alerts
Understanding Alerts
Intego NetBarrier X3 constantly monitors all of your computer's network activity, whether
it is to the Internet or a local network. It is pre-configured to look out for specific types of
data that indicate an intrusion or attack. If any suspicious data is found, Intego NetBarrier
X3 displays an alert, asking you whether you wish to allow the data to be sent or deny it.
The following is an example of an alert. The top line shows the reason for the alert. Here,
an Intrusion Attempt was detected. The host, 10.0.1.201, shown by its IP address, tried to
attack this computer with a ping flood. Two buttons on the right allow you to decide what
action to take for this alert.
If you click the More Info… arrow at the bottom left, an information field is displayed,
showing the cause of the alert.
Intego NetBarrier X3 User's Manual
Page 73
Chapter 5 — The 4 Lines of Defense
By clicking on the DNS lookup button (the ? ), you can toggle from the numerical IP
address to the actual domain name of the offender, if there is one.
There are two ways you can respond to alerts:
Stop List
The default response to all alerts is Stop List. If you click this button, or press the
Enter or Return key, the data being received will be refused and the intrusion will be
blocked. When this happens, the packet is dropped, and it is as if the data was never
received. If the suspicious packet is part of a file, this means that the file will not
reach its destination. If it is a command, the command will not have a chance to be
carried out, since it will not reach its target.
If you click Stop List, the IP address that caused this alert to be displayed will be
automatically added to the Stop List, and kept there for the default time that has
been set. (See Stop List, chapter 5.) This time can, however, be changed in the
Alerts screen by entering a new time in the time field, and changing the time unit in
the popup menu.
Ignore
If you click this button, you will allow the data to be received. Data transmission
will continue as usual, unless Intego NetBarrier X3 detects another attempted
intrusion. In this case, another alert displays.
Intego NetBarrier X3 User's Manual
Page 74
Chapter 5 — The 4 Lines of Defense
Attack Counter
Intego NetBarrier X3 records the number of attacks it has protected you from and displays
this number in a counter at the bottom of the Antivandal window. It also shows the type of
attack it blocked last, and the date and time of the last attack.
To reset this counter, click the Reset button next to the counter.
Intego NetBarrier X3 User's Manual
Page 75
Chapter 5 — The 4 Lines of Defense
Alert Options
The Alerts tab gives you several options as to how Intego NetBarrier X3 acts when an alert
is triggered.
Put the host in the Stop List for:
If this is checked, the connection is automatically dropped when there is an alert,
and the offending IP address is immediately placed in the Stop List. (See Stop List,
chapter 5.) A field to the right of this button allows you to specify the default time
period that the offending IP address will remain in the Stop List. You can choose
any number of seconds, minutes, hours or days, or choose to have the intruder
remain on the Stop List permanently.
Intego NetBarrier X3 User's Manual
Page 76
Chapter 5 — The 4 Lines of Defense
Ask
If this is checked, Intego NetBarrier X3 presents an Alert dialog asking what to do.
It is up to you to decide how the Alert is then to be handled. This Alert dialog shows
the Stop List time period selected in the Alert options by default, but this time can
be changed in the Alerts screen.
Bring dialog to the front
If this is checked, the Intego NetBarrier X3 alert comes to the front automatically
whenever there is an alert. If not, it remains in the background. If no action is taken
for 90 seconds, the alert automatically closes, and the connection is denied.
Speak the Alert Text
If this is checked, Intego NetBarrier X3 uses Mac OS X Text-to-Speech to speak the
text of the alert.
Don't Ask when the Current User is not an Administrator
If this is checked, Intego NetBarrier X3 does not ask if the current user is not an
administrator, and automatically puts the offending host in the Stop List.
Play sound to notify
If this is checked, Intego NetBarrier X3 plays the sound of your choice whenever
there is an alert. You can select the sound you wish to have played from the pop-up
menu to the right of the button.
Send e-mail
If this is checked, Intego NetBarrier X3 automatically sends an e-mail message to
the address entered in the text field, within 30 seconds. (Intego NetBarrier X3 waits
to see if there are other intrusion attempts, rather than send an e-mail message each
Intego NetBarrier X3 User's Manual
Page 77
Chapter 5 — The 4 Lines of Defense
time.) The e-mail address for the sender and recipient must be entered, as well as the
outgoing mail server. You can send this e-mail message to multiple recipients. To
do this, enter several e-mail addresses separated by commas.
Intego NetBarrier X3 User's Manual
Page 78
Chapter 5 — The 4 Lines of Defense
The Stop List
The Stop List is a powerful feature of Intego NetBarrier X3 that ensures that once an
attempted attack or intrusion has been foiled, the originating machine is not allowed to send
any data to your computer, and your computer is not allowed to connect to them either. The
offender can be put on the Stop List for a limited time, or indefinitely. The default time that
the offender remains on the Stop List can be set in the Alerts screen (see above).
Intego NetBarrier X3 User's Manual
Page 79
Chapter 5 — The 4 Lines of Defense
Stop List information
The Stop List panel displays information on the various IP addresses that are currently in
the Stop List, if any.
Intruder
This is the IP address of the offender.
Remaining time
This is the time that the offending IP address is scheduled to remain in the Stop List.
If a host has been entered permanently in the Stop List, a check box displays to the left of
their IP address. You can uncheck this check box if you wish to temporarily allow the host
to access your computer while still retaining them in the Stop List. To block the host again,
check the check box.
Intego NetBarrier X3 User's Manual
Page 80
Chapter 5 — The 4 Lines of Defense
Other Stop List information
If you click once on an address in the Stop List, some additional information displays on
the right side of the panel.
Host
At the top of this section is the IP address of the offender. By clicking the DNS
lookup button (the ? ), you can toggle from the numerical IP address to the actual
domain name of the offender, if there is one. You can display this address in large
type by moving your cursor over the Host label until the label highlights, clicking,
and selecting Large Type from the contextual menu.
Reason
A line of text tells you how the IP address was added to the Stop List (here, it was
added because of a Ping Flood attack).
Duration
The Duration is the amount of time the host is to remain in the Stop List. The
from: and to: sections tell you when the address was added to the Stop List, and
Intego NetBarrier X3 User's Manual
Page 81
Chapter 5 — The 4 Lines of Defense
how long it will remain there. The progress bar shows how much of their time in the
Stop List is left. You can change this duration by moving your cursor over the
Duration label until the label highlights, clicking, selecting Extend or Shorten from
the contextual menu, then selecting an amount of time to add or subtract to the
current duration.
Note
The text field below the progress bar contains any comments you have entered in
the Stop List for this IP address, or any comments added by Intego NetBarrier X3.
See below to find out how to enter or add comments to a Stop List entry.
Intego NetBarrier X3 User's Manual
Page 82
Chapter 5 — The 4 Lines of Defense
Changing the List Display
You can sort the Stop List by any of its columns by clicking on the header just above the
column.
You can also sort it in ascending or descending direction by clicking on the sort button, the
small triangle in the selected sort column header.
You can drag any of the columns to change their order. To do this, click one of the column
headers and drag it where you want, then release your mouse button.
Intego NetBarrier X3 User's Manual
Page 83
Chapter 5 — The 4 Lines of Defense
Adding addresses to the Stop List
There are three ways to add addresses to the Stop List. The first is by responding to an
Alert. (See above, Alerts.) If an Alert displays, and you reply Stop List, the offending IP
address is automatically added to the Stop List.
The second is by selecting an IP address in the Log window and choosing Add to Stop List
from the contextual menu. For more on this, see above, Log Window Contextual Menu.
You can also manually add addresses to the Stop List. To do this, click Add... The Stop List
Editor displays.
Enter a host address in the Host field, and select the time this address is to remain in the
Stop List by entering a number in the Duration field; select a time unit from the pop-up
menu. If you do not know the numerical IP address of the host you wish to add, enter its
name and click the ? button. Intego NetBarrier X3 queries your Internet provider’s DNS
server, and enters the correct number in the field. You can also add comments, such as the
Intego NetBarrier X3 User's Manual
Page 84
Chapter 5 — The 4 Lines of Defense
reason for adding the address to the Stop List, in the Comments field. If you decide you do
not wish to add this address to the Stop List, click Cancel.
Using Wildcards in the Stop List
You can use wildcards to block ranges of IP addresses in the Stop List. To do this, enter the
first part of the IP address you wish to block, followed by asterisks, in the following form:
192.*.*.* or 192.192.*.* or 192.192.192.* This will block all addresses containing the
numbers you have entered, whatever their endings are.
Intego NetBarrier X3 User's Manual
Page 85
Chapter 5 — The 4 Lines of Defense
Removing Addresses from the Stop List
To remove an address from the Stop List, click the address you would like to remove, then
click Remove. A dialog asks if you really want to remove the address; click Remove. The
address is removed. If you decide you do not want to delete this address, click Cancel. You
can select multiple contiguous addresses, by shift-clicking, or non-contiguous addresses, by
command-clicking, and delete them all together.
You can also remove an address from the Stop List by clicking the address while holding
down the control key on your keyboard, then selecting Remove… from the contextual
menu that is displayed. A dialog asks if you really want to remove the address; click OK.
The address is removed. If you decide you do not want to delete this address, click Cancel.
Intego NetBarrier X3 User's Manual
Page 86
Chapter 5 — The 4 Lines of Defense
Moving Addresses from the Stop List to the Trusted Group
You may decide that you want to move an address from the Stop List to the Trusted Group.
To do this, hold down the control key on your keyboard, then select Switch to Trusted
Group from the contextual menu that is displayed.
This moves the address to the Trusted Group. For more on using the Trusted Group, see
below, The Trusted Group.
Intego NetBarrier X3 User's Manual
Page 87
Chapter 5 — The 4 Lines of Defense
Editing an Address in the Stop List
To edit an address in the Stop List, click the address you would like to edit, then click
Edit… (You can also double-click the address, or click the address while holding down the
control key on your keyboard, then select Edit…)
The Stop List Editor displays, showing you the address, and you can change the address,
add or change comments, or change the time you want it to remain on the Stop List. To
confirm your changes, click OK, or to leave the address and other information as they were,
click Cancel.
Intego NetBarrier X3 User's Manual
Page 88
Chapter 5 — The 4 Lines of Defense
You can also change the amount of time a host is in the Stop List using a contextual menu.
Move the cursor over the Duration label in the Stop List; this label highlights. Click this
label, and select Extend or Shorten, then select a time value from the popup menu.
Select the amount of time you want to extend or shorten the host's presence in the Stop List.
This time is added or subtracted immediately.
Intego NetBarrier X3 User's Manual
Page 89
Chapter 5 — The 4 Lines of Defense
Copying Addresses from the Stop List
You can select addresses in the Stop List and copy them, to paste them into another
application. To do this, click a line of the Stop List, then copy the address by pressing
Command+C. You can select multiple contiguous addresses, by shift-clicking, or noncontiguous addresses, by command-clicking, and copy them all together.
You can drag selected addresses into another application window. To do this, select one or
several addresses, as above, click one of the selected lines, and drag them into another open
window.
Intego NetBarrier X3 User's Manual
Page 90
Chapter 5 — The 4 Lines of Defense
The Stop List Contextual Menu
As you have seen above, you can click an address in the Stop List, while holding down the
control key on your keyboard, and a contextual menu displays. This menu contains several
functions.
Copy to Clipboard
If you select Copy to Clipboard from the contextual menu, the address is copied to
the clipboard. You can then paste it into any application or document.
Edit...
If you select Edit... from the contextual menu, you can edit the Stop List entry. See
above, Editing an Address in the Stop List.
Remove...
If you select Remove... from the contextual menu, you can remove the Stop List
entry. See above, Removing Addresses from the Stop List.
Intego NetBarrier X3 User's Manual
Page 91
Chapter 5 — The 4 Lines of Defense
Switch to Trusted Group
If you select Switch to Trusted Group from the contextual menu, you can move the
address from the Stop List to the Trusted Group. See above, Moving Addresses
from the Stop List to the Trusted Group.
Find Domain Info
If you select Find Domain Info from the contextual menu, Intego NetBarrier X3’s
Whois panel opens and looks up the domain name, giving you information on that
domain. For more about Whois, see the Whois section below.
Find Route
If you select Find Route from the contextual menu, Intego NetBarrier X3's
Traceroute panel opens and searches for the route between your computer and the
host. For more about Traceroute, see the Traceroute section below.
Intego NetBarrier X3 User's Manual
Page 92
Chapter 5 — The 4 Lines of Defense
The Trusted Group
The Trusted Group feature allows you to select “friendly” computers that are not treated as
intruders if they perform certain actions, such as sending pings or other requests. It is a kind
of friendly Stop List. While the Stop List protects you from foes, the Trusted Group
contains your friends. You can add computers on your local network or other hosts on the
Internet that you are certain to be friendly. This ensures that Intego NetBarrier X3’s
Antivandal does not block their access nor set off alerts for any actions they carry out. They
are, however, be affected by all the active Firewall rules.
Intego NetBarrier X3 User's Manual
Page 93
Chapter 5 — The 4 Lines of Defense
Trusted Group Information
The Trusted Group panel shows you information on the various IP addresses that are
currently in the Trusted Group, if any.
Network Address
This is the IP address of the friendly computer.
Remaining time
This is the time that the friendly computer is scheduled to remain in the Trusted
Group.
Intego NetBarrier X3 User's Manual
Page 94
Chapter 5 — The 4 Lines of Defense
Other Trusted Group information
If you click an address in the Trusted Group, some additional information displays on the
right side of the panel.
Host
At the top of this section is the IP address of the friendly computer. By clicking on
the DNS lookup button (the ? ), you can toggle from the numerical IP address to the
actual domain name of the friendly computer, if there is one. You can display this
address in large type by moving your cursor over the Host label until the label
highlights, clicking, and selecting Large Type from the contextual menu.
Duration
The Duration is the amount of time the host is to remain in the Trusted Group. The
from: and to: sections tell you when the address was added to the Trusted Group,
and how long it will remain there. The progress bar shows how much of their time
in the Trusted Group is left. You can change this duration by moving your cursor
over the Duration label until the label highlights, clicking, selecting Extend or
Shorten from the contextual menu, then selecting an amount of time to add or
subtract to the current duration.
Intego NetBarrier X3 User's Manual
Page 95
Chapter 5 — The 4 Lines of Defense
Note
The text field below the progress bar contains any comments you have entered in
the Trusted Group for this IP address. See below to find out how to enter or add
comments to a Trusted Group entry.
Intego NetBarrier X3 User's Manual
Page 96
Chapter 5 — The 4 Lines of Defense
Changing the List Display
You can sort the Trusted Group list by any of its columns by clicking on the header just
above the column.
You can also sort it in ascending or descending order by clicking the sort button, the small
triangle in the selected sort column header.
You can drag either of the columns to change their order. To do this, click one of the
column headers and drag it where you want, then release your mouse button.
Intego NetBarrier X3 User's Manual
Page 97
Chapter 5 — The 4 Lines of Defense
Adding Addresses to the Trusted Group
There are three ways to add addresses to the Trusted Group. The first is by selecting an IP
address in the Log window, and choosing Add to Trusted Group from the contextual menu.
For more on this, see above, Log Window Contextual Menu.
The second is to move an address from the Stop List to the Trusted Group via the
contextual menu. For more on this, see above, Moving Addresses from the Stop List to
the Trusted Group.
You can also manually add addresses to the Trusted Group. To do this, click Add... The
Trusted Group Editor displays.
Enter a host address in the Host field, and select the time this address is to remain in the
Trusted Group by entering a number in the Duration field; select a time unit from the popup menu. If you do not know the numerical IP address of the host you wish to add, enter its
name and click the ? button. Intego NetBarrier X3 queries your Internet provider’s DNS
Intego NetBarrier X3 User's Manual
Page 98
Chapter 5 — The 4 Lines of Defense
server, and enters the correct number in the field. You can also add comments, such as the
reason for adding the address to the Trusted Group, in the Comments field. If you decide
you do not wish to add this address to the Trusted Group, click Cancel.
Using Wild Cards in the Trusted Group
You can use wild cards to allow ranges of IP addresses in the Trusted Group. To do this,
enter the first part of the IP address you wish to add to the Trusted Group, followed by
asterisks, in the following form: 192.*.*.* or 192.192.*.* or 192.192.192.* This adds to the
Trusted Group all addresses containing the numbers you have entered, whatever their
endings.
Intego NetBarrier X3 User's Manual
Page 99
Chapter 5 — The 4 Lines of Defense
Removing Addresses from the Trusted Group
To remove an address from the Trusted Group, click the address you would like to remove,
then click Remove. A dialog asks if you really want to remove the address; click Remove.
The address is removed. If you decide you do not want to delete this address, click Cancel.
You can select multiple contiguous addresses, by shift-clicking, or non-contiguous
addresses, by command-clicking, and delete them all together.
You can also remove an address from the Trusted Group by clicking the address while
holding down the control key on your keyboard, then selecting Remove… from the
contextual menu that is displayed. A dialog asks if you really want to remove the address;
click Remove. The address is removed. If you decide you do not want to delete this
address, click Cancel.
Intego NetBarrier X3 User's Manual
Page 100
Chapter 5 — The 4 Lines of Defense
Editing an Address in the Trusted Group
To edit an address in the Trusted Group, click once on the address you would like to edit,
then click Edit… (You can also double-click the address, or click the address while holding
down the control key on your keyboard, then select Edit…)
The Trusted Group Editor displays, showing you the address, and you can change the
address, add or change comments, or change the time you want it to remain on the Trusted
Group. To confirm your changes, click OK, or to leave the address and other information as
they were, click Cancel.
Intego NetBarrier X3 User's Manual
Page 101
Chapter 5 — The 4 Lines of Defense
You can also change the amount of time a host is in the Trusted Group using a contextual
menu. Move the cursor over the Duration label in the Trusted Group; this label highlights.
Click this label, and select Extend or Shorten, then select a time value from the popup
menu.
Select the amount of time you want to extend or shorten the host's presence in the Trusted
Group. This time is added or subtracted immediately.
Intego NetBarrier X3 User's Manual
Page 102
Chapter 5 — The 4 Lines of Defense
Copying Addresses from the Trusted Group
You can select addresses in the Trusted Group and copy them, to paste them into another
application. To do this, click a line of the Trusted Group, then copy the address. You can
select multiple contiguous addresses, by shift-clicking, or non-contiguous addresses, by
command-clicking, and copy them all together.
You can drag selected addresses into another application window. To do this, select one or
several addresses, as above, click your cursor on one of the selected lines, and drag them
into another open window.
Intego NetBarrier X3 User's Manual
Page 103
Chapter 5 — The 4 Lines of Defense
The Trusted Group Contextual Menu
As you have seen above, you can click an address in the Trusted Group, while holding
down the control key on your keyboard, and a contextual menu displays. This menu
contains several functions.
Copy to Clipboard
If you select Copy to Clipboard from the contextual menu, the address is copied to
the clipboard. You can then paste it into any application or document.
Edit...
If you select Edit... from the contextual menu, you can edit the Trusted Group entry.
See above, Editing an Address in the Trusted Group.
Remove...
If you select Remove... from the contextual menu, you can remove the Trusted
Group entry. See above, Removing Addresses from the Trusted Group.
Intego NetBarrier X3 User's Manual
Page 104
Chapter 5 — The 4 Lines of Defense
Find Domain Info
If you select Find Domain Info from the contextual menu, Intego NetBarrier X3’s
Whois panel opens and looks up the domain name, giving you information on that
domain. For more about Whois, see the Whois section below.
Find Route
If you select Find Route from the contextual menu, Intego NetBarrier X3's
Traceroute panel opens and searches for the route between your computer and the
host. For more about Traceroute, see the Traceroute section below.
Intego NetBarrier X3 User's Manual
Page 105
Chapter 5 — The 4 Lines of Defense
Application Control
Intego NetBarrier X3 lets you control Internet and network access for individual
applications. While your firewall settings may allow general network access, the
Applications tab lets you choose how Intego NetBarrier X3 reacts when specific
applications try to access the network. This helps you in two ways:
• If you wish to prevent users from accessing the network with specific applications,
you can choose to block them in the Applications tab.
• If an application attempts to connect to the network without your awareness, Intego
NetBarrier X3 stops it in its tracks, alerts you, and waits for you to decide whether
to allow it to do so or to deny access.
Your computer has many applications that may access the Internet or other networks: web
browsers, e-mail programs, FTP (file transfer) programs, instant messaging applications,
and more. While all of these applications are designed to access the Internet, and you are
aware of that, others may do so without your awareness. In some cases, these may be
programs designed to automatically check for software updates, such as Intego NetUpdate.
You may have set these programs to check at specific intervals, but may be surprised when
you see network activity occurring in the background. But in other cases, programs may
connect to the network without telling you, in order to verify the serial numbers of software
installed on your computer, collect and send personal information without your awareness,
or open a backdoor on your computer to provide access to hackers or vandals.
Intego NetBarrier X3 User's Manual
Page 106
Chapter 5 — The 4 Lines of Defense
Using the Applications Tab
The Intego NetBarrier X3 Applications screen lets you choose how the program reacts
when a new application attempts to connect to the Internet or any other network.
To turn on Application Blocking, click the On button.
Intego NetBarrier X3 User's Manual
Page 107
Chapter 5 — The 4 Lines of Defense
Then select one of the three Default Behavior options:
Allow
If you check this, Intego NetBarrier X3 allows all applications to access the Internet
or any other network. However, any firewall rules you may have defined concerning
access to and from specific ports still function. For example, if an FTP program
attempts to connect to a web page, Intego NetBarrier X3 does not block the
application, but if you have set up a firewall rule blocking port 20, the standard FTP
port, the data does not go through. If the FTP program attempts to make a
connection to a different port, it is not blocked.
Deny
If you check this, Intego NetBarrier X3 blocks all access to the Internet or other
network. This supercedes all firewall rules you have defined.
Ask
If you check this, Intego NetBarrier X3 asks you for each application that attempts
to connect to the Internet or other network.
Intego NetBarrier X3 User's Manual
Page 108
Chapter 5 — The 4 Lines of Defense
Trusting System Processes
Many parts of Mac OS X request Internet or network access. This ranges from printing
services and domain name resolution processes to services and processes that check for
software updates or synchronize your clock. To trust these processes, and not be asked
when they attempt to connect to the Internet or network, check the Trust System Processes
check box.
Intego NetBarrier X3 User's Manual
Page 109
Chapter 5 — The 4 Lines of Defense
Application Alerts
If you have chosen to have Intego NetBarrier X3 ask you when an application attempts to
access the Internet or another network, an alert displays.
This alert tells you that an application has requested a connection to a specific IP address. A
group of buttons allows you to choose how Intego NetBarrier X3 reacts.
Allow once
If you check this, Intego NetBarrier X3 allows network access for this application
this time only.
Deny
If you check this, Intego NetBarrier X3 blocks network access for this application.
Allow
If you check this, Intego NetBarrier X3 allows network access for this application
this time and in the future.
Intego NetBarrier X3 User's Manual
Page 110
Chapter 5 — The 4 Lines of Defense
If you do not reply to this alert within 30 seconds, Intego NetBarrier X3 automatically
denies network access to this application, this time only.
If you are not sure what the application is that is requesting Internet or network access, you
can click the Reveal in Finder button. This opens a Finder window showing you the
location of the application.
Intego NetBarrier X3 User's Manual
Page 111
Chapter 5 — The 4 Lines of Defense
Additional Application Information
Intego NetBarrier X3 application alerts offer additional information about the application
requesting an Internet or network connection and the IP address they are attempting to
connect to.
If you click the More Info... triangle, the alert displays the port the application is attempting
to connect to and its full path.
If you click the DNS lookup button (the ? ), you can toggle from the numerical IP address
to the actual domain name of the host, if there is one.
Intego NetBarrier X3 User's Manual
Page 112
Chapter 5 — The 4 Lines of Defense
Changing Application Settings
After you have chosen to allow or deny network access to any applications, you can change
these application settings if you wish. This shows a list of applications that Intego
NetBarrier X3 has asked you to allow or block, and which you have chosen to always allow
or always block by clicking the Allow or Deny buttons. (If you choose to allow a specific
application just once, it will not be added to this list.)
This list contains two icons: a green, GO icon, indicates that network access is allowed; a
red, STOP icon, indicates that network access is denied.
Each application has settings for two types of Internet connection: Client and Server. A
client is a program that initiates a connection with host. A server receives a connection
from another host. To turn on or off an application's settings, click the icon in the Client or
Server column to change it.
Intego NetBarrier X3 User's Manual
Page 113
Chapter 5 — The 4 Lines of Defense
Adding Applications to the Application List
Intego NetBarrier X3 allows you to manually add applications to its application list, and
choose whether you wish to allow or deny network access to them.
To add an application, click the Add… button. A standard Mac OS X Open dialog displays.
Navigate until you find the application you want to add, then click Select. When you add an
application in this manner it is given allow status both as client and server. To change either
of these settings, click one of the icons in the Client or Server columns of the list.
You can also add applications to the application list by dragging their icons into the
Applications tab. Locate an application and drag its icon into the Applications list.
Removing Applications from the Applications List
If you wish to remove an application from the Applications list, click one of the
applications to select it, then click Remove… A sheet displays asking if you really want to
delete this application. Click Remove to delete it, or click Cancel to leave it in the list.
Revealing Applications in the Finder
If you want to see where an application that is in the Applications list is on your computer,
hold down the Control key on your keyboard and click on the name of an application. A
contextual menu displays. Select Reveal in Finder, and a Finder window opens showing the
location of the application.
Intego NetBarrier X3 User's Manual
Page 114
Chapter 5 — The 4 Lines of Defense
Privacy Filters
Intego NetBarrier X3's privacy filters examine both incoming and outgoing packets,
looking for specific types of data. There are several filters, each of which is designed to
protect your data or privacy, or help you surf the web faster.
Intego NetBarrier X3 User's Manual
Page 115
Chapter 5 — The 4 Lines of Defense
Data Filter
The Data Filter ensures that any sensitive information you choose to protect cannot leave
your computer and go onto a network. You decide what to protect—your credit card
number, passwords, or key words that appear in sensitive documents—and Intego
NetBarrier X3's Filter checks each outgoing packet to make sure that no documents
containing this information are sent. Not only does this protect you from sending
documents containing this information, but it protects against anyone who has network
access to your computer from taking copies of them.
Remember that, if your computer is accessible across a network and other users have file
sharing privileges, it is possible for anyone with access to your computer to copy your files.
Intego NetBarrier X3 User's Manual
Page 116
Chapter 5 — The 4 Lines of Defense
How the Filter Works
The Filter works in a very simple manner. Each unit of data you protect is called Protected
data. When data packets are sent from your computer to a network, whether it be a local
network or the Internet, they are all examined. If any of the Filter's protected data is found,
the packet is blocked.
Note: the Filter only works on data that corresponds exactly to the Protected data that you
set. For example, if you set Protected data for your credit card number (see below), Intego
NetBarrier X3 prevents its being sent out from your computer. But if you enter the same
number in a secure web page, your browser encrypts this number, and the data no longer
corresponds to the Protected data, and is therefore sent. The same is true for data that is
encoded or compressed.
Turning the Filter on
First, for the Filter to check for protected data, you need to turn it on. To do this, click On.
You can turn it off at any time, if you temporarily want to allow any of your protected data
to be sent, by clicking Off.
Intego NetBarrier X3 User's Manual
Page 117
Chapter 5 — The 4 Lines of Defense
What to protect
The Filter is designed to protect sensitive information. You may want to protect different
types of information, depending on your needs and the type of data on your computer. Here
are some examples:
Credit card numbers
Even if you don't want to send your credit card number across the Internet, via web
servers or e-mail, you may have already sent faxes containing this number. If so, the
files you sent as faxes contain this number, and anyone could open the files and
copy it. Add your credit card numbers to the Filter list and they will not be able to
leave your computer and go onto a network.
Passwords
If you use the Internet or any other network, you probably have some passwords.
The more sites you use, the more passwords you have. Some users even have files
on their computers containing lists of their passwords. Add your passwords to the
Filter, and none of them will be able to leave your computer and go onto a network.
Note: if you store your passwords in the Mac OS X Keychain, they are encrypted,
and you do not need to protect them in the Filter.
Other sensitive information
You may have confidential files concerning projects or customers, contracts,
specifications or other sensitive information. You can easily choose to protect the
name of a project or customer, or add a key word to any of these files to make sure
that they cannot be copied across a network. You may also want to protect e-mail
addresses, social security numbers, phone numbers or other personal information.
Intego NetBarrier X3 User's Manual
Page 118
Chapter 5 — The 4 Lines of Defense
Adding Protected data to the Filter
To add Protected data to the Filter, click Add... The Data Filter Editor displays.
Enter a name for your Protected data in the Label field. You can select some of the most
common names from the popup menu next to this field. Then enter the actual text you wish
to protect in the second text field. This text is hidden by bullets.
Note: You must enter your text exactly as it will be found in your documents for the Filter
to protect it. For example, a credit card number may be found as ####-####-####-#### or
as #### #### #### ####. If you protect only the first example, the Filter does not look for
the second one. Also, this data is case sensitive. If you need to protect a key word, such as a
project name, you must enter it in all possible cases: i.e., Marketing Study, marketing
study, MARKETING STUDY.
Intego NetBarrier X3 User's Manual
Page 119
Chapter 5 — The 4 Lines of Defense
The section labeled Let this data go out via these services allows you to choose to block
data for all but the selected services. To do this, click the Add... button. Then, either enter
the port number of the service, or choose its name from the popup menu. This data is not be
blocked for this service, and this service only. To add another service, repeat the above
operation. You can add as many services as you wish.
When you have finished entering this information, click OK; your Protected data is now
displayed in the Filter window. If you decide that you do not wish to keep this Protected
data, click Cancel.
Intego NetBarrier X3 User's Manual
Page 120
Chapter 5 — The 4 Lines of Defense
Activating or Deactivating Protected Data Items
Each item of protected data appears on a line in the Data window. A check box at the left of
each line allows you to activate or deactivate the filter for each data item. When you add a
new data item, the box is checked, indicating that the filter is active for this item. If you
wish to send any protected data over the Internet or a local network, you must uncheck the
check box for the item in question.
You can also enable data filters for individual protected data items, or for all protected data
items, by holding down the Control key on your keyboard and clicking on the name of a
data item. A contextual menu displays.
Select Enable to enable protection for the selected data item, or select Enable All to enable
protection for all data items.
You can disable individual data items or all data items in the same manner.
Intego NetBarrier X3 User's Manual
Page 121
Chapter 5 — The 4 Lines of Defense
Deleting Protected Data from the Filter
To delete Protected data from the filter, click the Protected data item you wish to delete,
and click Remove... A dialog asks if you really want to remove the Protected data; click
OK. The Protected data is removed. If you decide you do not want to delete this Protected
data, click Cancel.
Editing Protected Data in the Filter
You can edit Protected data in the Filter, either to make changes, or to change the services
for which it is allowed.
To edit Protected data in the Filter, click the Protected data you would like to edit, then
click Edit... (You can also double-click the Protected data.) The Data Filter Editor shows
you the Protected data, and you can make any changes you want. To confirm your changes
click OK, or to leave the Protected data as it was, click Cancel.
Intego NetBarrier X3 User's Manual
Page 122
Chapter 5 — The 4 Lines of Defense
Filter Alerts
If the Filter detects that Protected data is leaving your computer, an alert displays.
This alert is similar to other Intego NetBarrier X3 alerts. You have the possibility of
ignoring the alert, or putting the host on the Stop List. If you click Ignore, Intego
NetBarrier X3 allows the data to be sent for 10 seconds, which is long enough for the file in
question to be sent. If you click Stop List, the host is added to the Stop List.
Intego NetBarrier X3 User's Manual
Page 123
Chapter 5 — The 4 Lines of Defense
Banner Filter
If you click the Banner tab, the Banner filter screen displays. This is a list of rules that
Intego NetBarrier X3 uses to filter ad banners, helping you surf much faster. Ad banners
are graphic ads that are usually displayed at the tops of web pages. Intego NetBarrier X3
blocks these ads, and replaces them with transparent graphics. By filtering them, web pages
load much faster, and you are spared from seeing annoying advertisements.
Intego NetBarrier X3 User's Manual
Page 124
Chapter 5 — The 4 Lines of Defense
Turning the Filter On
First, for the Filter to block ad banners, you need to turn it on. To do this, click On. You
can turn it off at any time, if you temporarily want to allow all hosts to be accepted by your
computer, by clicking Off.
Adding Rules to the Banner Filter
The filter already contains a set of rules, but you can easily add your own. To do this, click
the Add... button. The Banner Editor displays.
This contains three sections: two popup menus and a text field. To create an ad banner filter
rule, select from the first popup menu Host Name or URL Path, then, select from the
second popup menu is or contains. For example, if you want to block ad banners from the
host doubleclick.net, select Host Name contains, and enter doubleclick.net in the text
field. If you wish to validate this ad banner filter rule, click OK; if not, click Cancel.
Intego NetBarrier X3 User's Manual
Page 125
Chapter 5 — The 4 Lines of Defense
You can easily add new hosts to Intego NetBarrier X3’s list of banner filters by dragging a
graphic from a web page into the Banner filter window. Intego NetBarrier X3 automatically
adds the exact file path of the graphic—you should edit this, retaining merely the beginning
section of the text, since the end is often specific to the individual ad.
Intego NetBarrier X3 User's Manual
Page 126
Chapter 5 — The 4 Lines of Defense
Activating or Deactivating Banner Rules
Each banner rule appears on a line in the Banner window. A check box at the left of each
line allows you to activate or deactivate the filter for each banner rule. When you add a new
banner rule, the box is checked, indicating that the filter is active for this rule. If you wish
to stop blocking certain banners, you must uncheck the check boxes for the banners in
question.
You can also enable ad banner for an individual ad banner rule, or for all ad banner rules,
by holding down the Control key on your keyboard and clicking on the name of an ad
banner rule. A contextual menu displays.
Intego NetBarrier X3 User's Manual
Page 127
Chapter 5 — The 4 Lines of Defense
Select Enable to enable protection for the selected ad banner rule, or select Enable All to
enable protection for all ad banner rules.
You can disable individual ad banner rules or all ad banner rules in the same manner.
Note: when using the banner filter, you may find that you cannot access some web pages
correctly. If this is the case, try turning off the Banner filter; their URLs may contain texts
that are in one of the banner rules.
Intego NetBarrier X3 User's Manual
Page 128
Chapter 5 — The 4 Lines of Defense
Cookie Manager
A cookie is a small file on your computer used by some web sites to record information
about you. Cookies can contain your user name and password for some sites, information
identifying you for e-commerce sites, as well as other information on your surfing habits
that you don't even know about. While cookies are not always bad (you cannot make
purchases from most web sites without them), some sites use them to track your behavior.
Intego NetBarrier X3 gives you detailed control over the cookies on your computer. You
can view, edit and delete each cookie on your computer, and delete all the cookie files if
you wish.
Intego NetBarrier X3 User's Manual
Page 129
Chapter 5 — The 4 Lines of Defense
Intego NetBarrier X3 manages cookies for the following programs: Camino, iCab, Internet
Explorer, OmniWeb, Opera, Safari and Sherlock.
Deleting Cookies for a Specific Program
When you display the Intego NetBarrier X3 Cookies tab you can see a list of the programs
that have stored cookie files on your computer. If you click one of these names, the righthand section of the window gives you information on the program, the number of cookies
and domains, and the last time you deleted all the program's cookies.
To delete all the cookies for this program, click Delete All Cookies... A dialogue asks you
to confirm this deletion or cancel it. Note that if you delete all the cookies for a program
you will need to log in again to certain sites that store your user name and password in
cookie files.
Intego NetBarrier X3 User's Manual
Page 130
Chapter 5 — The 4 Lines of Defense
Editing Individual Cookies
With Intego NetBarrier X3's Cookie Manager you can view and edit some aspects of
individual cookies. To do this, click the disclosure triangle next to one of the programs in
the cookie list to view the cookies in its file.
Then click one of the domains in the list that displays. This shows the contents of the
individual cookie.
Intego NetBarrier X3 User's Manual
Page 131
Chapter 5 — The 4 Lines of Defense
As you can see in the above example, the cookie's contents are confusing, and this is often
the case. While you cannot edit the cookie value, you can change its expiration date and
time. To do this, move the cursor over the Expires label, which highlights.
Click this label, and select Extend or Shorten, then select a time value from the popup
menu.
Finally, click Apply to apply this change to the cookie.
Intego NetBarrier X3 User's Manual
Page 132
Chapter 5 — The 4 Lines of Defense
Deleting Individual Cookies
In addition to deleting all cookies for a specific program, you can delete any cookie
individually. To do this, click the cookie to select it, then click Delete...
A dialogue asks you to confirm this deletion or cancel it.
Note: to delete a cookie, the program that uses this cookie must not be active. Quit the
program before deleting any cookies.
Intego NetBarrier X3 User's Manual
Page 133
Chapter 5 — The 4 Lines of Defense
Cleaning Browser Files
Web browsers keep many files on your computer, even after you have stopped using them.
These files include temporary files in the browser's cache, and history files, which record
the web sites you have visited. These files can take up a lot of disk space. Intego NetBarrier
X3 lets you easily clean these files for each program that stores them on your computer.
When you click the Cleaning tab, Intego NetBarrier X3 displays a list of the programs on
your computer that have cache files and history files.
Intego NetBarrier X3 manages cache files for the following programs: Camino, iCab,
Internet Explorer, Opera, Safari, Sherlock and Watson. Intego NetBarrier X3 manages
Intego NetBarrier X3 User's Manual
Page 134
Chapter 5 — The 4 Lines of Defense
history files for the following programs: Camino, iCab, Internet Explorer, OmniWeb,
Opera, and Safari.
To clean a program's cache files or history file, click the program's name in the program
list.
The right-hand section of the window shows the program's name and icon, the amount of
disk spaced used by the cache or history files, and the last time you cleaned these files. To
delete the selected files, click the Clean... button. A dialogue asks you to confirm this
operation or cancel it.
Intego NetBarrier X3 User's Manual
Page 135
Chapter 5 — The 4 Lines of Defense
Surf Filter
Intego NetBarrier X3 has several features to help maintain your privacy when surfing the
Internet. The Surf tab displays a screen where you can choose specific options concerning
cookies and information about your computer.
Intego NetBarrier X3 User's Manual
Page 136
Chapter 5 — The 4 Lines of Defense
Cookie Filter
In addition to the detailed cookie management features available from the Cookies tab (see
above), Intego NetBarrier X3 lets you only send cookies to specific domains that you
choose. If you check Only send cookies to the following servers, and other web sites send
cookies, your computer will not send back any information. Note: if this is checked, you
may have trouble accessing some sites that require user identification, and most ecommerce sites.
To add a server to the Cookie filter list, click Add... The Server editor displays.
Enter the name of the server, such as www.intego.com, in the Server name field, then click
OK to add this server to the Cookie filter list.
Intego NetBarrier X3 User's Manual
Page 137
Chapter 5 — The 4 Lines of Defense
If you check this check box and do not add any servers to the list, Intego NetBarrier X3
blocks all cookie requests to your computer.
Cookie Counter
Intego NetBarrier X3 can also count the number of cookies for all users on your computer,
if you check the Count the number of cookies received check box. This displays a
cumulative total of the number of cookies since the first NetBarrier X launch, or since the
last time you reset the counter.
You can reset this counter by clicking the reset button to the right of the number of cookies.
This resets the cookie counter for all users on your computer.
A dialogue asks you to confirm this operation or cancel it.
Intego NetBarrier X3 User's Manual
Page 138
Chapter 5 — The 4 Lines of Defense
Information Hiding
All web browsers are set to reply to requests from web sites, telling which platform you are
using (Mac, Windows, Linux, etc.) and which type and version browser you are using.
Again, this can be useful (such as for sites with different versions for different browsers),
but you may find some sites that will not let you access them if you are on a Mac. Intego
NetBarrier X3 can "spoof" some information concerning your computer, that is, send false
information.
Intego NetBarrier X3 can reply to these requests, and send only generic information—it
replies that you are using Netscape, but with no version number nor platform. If you wish
Intego NetBarrier X3 to do this, check the Brand of my computer and name of my
Browser check box.
Some sites also request the last site you visited. Again, this can be useful (some sites want
to know where their users have come from), but unscrupulous sites might use this to follow
your browsing habits. By checking the Last Web site visited check box, Intego NetBarrier
X3 prevents a reply from being sent to this type of request.
Intego NetBarrier X3 User's Manual
Page 139
Chapter 5 — The 4 Lines of Defense
Monitoring
Intego NetBarrier X3’s Monitoring panel gives you detailed information on your
computer’s network activity.
Traffic
The Traffic tab of the Monitoring panel contains a set of activity gauges that inform you of
the type of network activity that is coming into and going out of your computer.
Intego NetBarrier X3 User's Manual
Page 140
Chapter 5 — The 4 Lines of Defense
There are two rows of gauges—the IN gauges show the amount of data coming into your
computer, and the OUT gauges show the amount of data leaving your computer. The top
number is the current throughput per second, and the bottom is the total amount.
Selecting Activity Data Types
You can choose which type of data will be recorded for the first four pairs of gauges. To do
this, click the header over one of the gauges.
Intego NetBarrier X3 User's Manual
Page 141
Chapter 5 — The 4 Lines of Defense
A popup menu displays showing several choices.
The following types of data can be recorded:
4D Server:
4D Server data.
Apple Rem. Desktop:
Apple Remote Desktop data.
AppleShare IP:
AppleShare IP data.
DNS:
DNS data.
FileMaker:
FileMaker Pro data.
FTP:
FTP data.
Intego NetBarrier X3 User's Manual
Page 142
Chapter 5 — The 4 Lines of Defense
Hotline:
Hotline server data.
iChat/AIM/ICQ:
Instant messaging data using iChat, AIM or ICQ.
Mail:
E-mail data.
NetUpdate:
Data for Intego's NetUpdate program.
News:
Newsgroup data.
Retrospect:
Retrospect data.
Telnet:
Telnet data.
Timbuktu:
Timbuktu data.
Web:
Web access (HTTP) data.
WebSTAR 4 Adm:
WebSTAR administration data.
WebSTAR V Adm:
WebSTAR administration data.
The last two pairs of gauges are fixed, and show the following information:
Other:
the amount of data for other protocols.
IP:
the total amount of Internet Protocol data.
Intego NetBarrier X3 User's Manual
Page 143
Chapter 5 — The 4 Lines of Defense
Adding Services to the Activity Gauges
You can add your own services to this list by selecting Modify... A Service List displays.
This list shows all the services available for the Activity Gauges. You can select a service
from the Name section and click OK to add it to the Activity Data Type menu.
Intego NetBarrier X3 User's Manual
Page 144
Chapter 5 — The 4 Lines of Defense
You can also create your own services and add them to the Service List. Click the Add
button under the Name section to add a new service. A new service line is added to the list.
Enter a name for the service then press Enter.
Intego NetBarrier X3 User's Manual
Page 145
Chapter 5 — The 4 Lines of Defense
For this service to record data in the Activity Gauges, you must specify which port(s) it
uses. Click the Add button under the Ports section to add ports to the service.
A new line displays at the top of the Ports section. Enter the port number for your new
service, then press Enter. You can add more ports by following the same procedure, and
you can remove ports by clicking a port to select it then clicking Remove...
Editing Services
You can edit the ports used for different services by the Activity Gauges by clicking a
service, then adding, removing or changing ports in the Ports section of the Service Editor.
Click OK to save your changes, or click Cancel to discard them.
Intego NetBarrier X3 User's Manual
Page 146
Chapter 5 — The 4 Lines of Defense
Total Traffic graph
A bar graph showing total traffic is available in this window. When no network activity
occurs, this graph is empty, but when there is network activity, either over a local network
or the Internet, this graph will show the total activity.
The orange parts of the bars represent incoming traffic, and the green represent outgoing
traffic.
In addition, the scale of this graph is dynamic; it changes according to the amount of traffic.
In the above example, a network connection is active, and throughput ranges from 0 to
about 60 kilobytes per second. In the second example, below, the only activity is polling
over a local network; the maximum traffic here does not exceed 500 bytes per second.
Intego NetBarrier X3 User's Manual
Page 147
Chapter 5 — The 4 Lines of Defense
If you place your cursor over this graph, a text displays showing the actual data throughput,
which is updated every second.
Intego NetBarrier X3 User's Manual
Page 148
Chapter 5 — The 4 Lines of Defense
To view individual graphs for incoming and outgoing data, double-click anywhere in the
graph. The graph window changes to show three graphs: one for incoming data, one for
outgoing data, and one for total traffic.
To return to the normal view, with a single graph and activity gauges, double-click
anywhere in one of the graphs.
Intego NetBarrier X3 User's Manual
Page 149
Chapter 5 — The 4 Lines of Defense
You can also change the type of data any of these graphs display by clicking All and
selecting a data type from the popup menu.
Intego NetBarrier X3 User's Manual
Page 150
Chapter 5 — The 4 Lines of Defense
When the window displays three graphs, you can choose the scale for the In and Out
graphs. If you hold down the Control key on your keyboard and click anywhere in the In or
Out graph, a popup menu offers several options.
This lets you choose your maximal throughput and display graphs that are correctly scaled
for that throughput. Choose Dynamic Scale if you want the graph to change its scale
according to the data throughput.
Intego NetBarrier X3 User's Manual
Page 151
Chapter 5 — The 4 Lines of Defense
Resetting the Activity Gauges
If you click the Reset button, the totals beneath the gauges are all reset to zero.
When you reset the activity gauges, an alert displays asking you to confirm clearing the
gauges. This ensures that you do not accidentally reset the activity gauges. If you wish to
reset the activity gauges, click Reset. If not, click Cancel.
Intego NetBarrier X3 User's Manual
Page 152
Chapter 5 — The 4 Lines of Defense
Viewing the gauges as a palette
If you click the window's resize button
the Intego NetBarrier X3 window collapses and the activity gauges display as a horizontal
palette.
Intego NetBarrier X3 User's Manual
Page 153
Chapter 5 — The 4 Lines of Defense
If you click the resize button while holding down the shift key, the palette displays
vertically. This can be useful if you want to keep an eye on your network activity, and wish
to leave these gauges visible. To return to the main Intego NetBarrier X3 window, click the
resize button on the palette.
Intego NetBarrier X3 User's Manual
Page 154
Chapter 5 — The 4 Lines of Defense
Using the NetBarrier Monitor Application
When you install Intego NetBarrier X3, the program also installs an application called
NetBarrier Monitor. You can find this program in your Applications folder.
The NetBarrier Monitor application provides a small, floating window that lets you keep an
eye on network activity at all times, without needing to display the entire Intego NetBarrier
X3 activity gauge palette.
When you open NetBarrier Monitor, it displays its activity gauge window in the bottomright corner of your screen.
Intego NetBarrier X3 User's Manual
Page 155
Chapter 5 — The 4 Lines of Defense
By default, NetBarrier Monitor displays the total network traffic for all services. You can
change this display by clicking All at the bottom of the NetBarrier Monitor window, and
selecting a service from the popup menu.
If you hold down the Control key on your keyboard and click anywhere in the NetBarrier
Monitor window, a popup menu offers two options.
You can quit NetBarrier Monitor by selecting Quit.
You can also choose to have NetBarrier Monitor display its activity gauges in the Dock by
selecting Show in Dock. If you do this, the NetBarrier Monitor window closes, and the
program's Dock icon changes to show its activity gauges that are updated in real time.
Intego NetBarrier X3 User's Manual
Page 156
Chapter 5 — The 4 Lines of Defense
To return NetBarrier Monitor to its window, hold down the Control key, click on the
NetBarrier Monitor Dock icon, and select Show in Window.
When NetBarrier Monitor displays in the Dock, you can change its display by holding
down the Control key, clicking on its Dock icon, and selecting a different service from its
Dock menu.
And to have easy access to NetBarrier Monitor, you can select Keep in Dock from this
menu; this keeps the NetBarrier Monitor icon in the Dock, even when the program is not
running, so you can open it just by clicking its Dock icon.
Intego NetBarrier X3 User's Manual
Page 157
Chapter 5 — The 4 Lines of Defense
The Intego NetBarrier X3 Monitor Screen Saver
Intego NetBarrier X3 installs a screen saver on your Macintosh. This screen saver gives
you an overview of network activity. Even when you're not working, you can keep an eye
on what's entering and leaving your Mac. In addition, if your Macintosh is running as a
server, this screen saver gives you an overview of its network activity.
To use the Intego NetBarrier X3 screen saver, open the System Preferences from the Apple
menu, and click on Screen Effects. Select NetBarrierSaver in the screen saver list.
Intego NetBarrier X3 User's Manual
Page 158
Chapter 5 — The 4 Lines of Defense
To configure the screen saver, click Configure. You can choose the order in which services
are displayed.
Drag them in the order you want.
Intego NetBarrier X3 User's Manual
Page 159
Chapter 5 — The 4 Lines of Defense
The number of services displayed depends on your screen resolution and the number of
screens you have.
For more on screen saver settings, see the Mac OS X help.
Intego NetBarrier X3 User's Manual
Page 160
Chapter 5 — The 4 Lines of Defense
Network
This panel provides useful information about your computer and its network configuration.
It shows the user name, the name of the computer, its IP address and other network
information. A popup menu shows you all the IP addresses that are active on your
computer—if you have several network adapters with different addresses, or are running
several servers. It also tells if Web Sharing and File Sharing are running. In addition, it
gives you real-time information on your network activity.
Intego NetBarrier X3 User's Manual
Page 161
Chapter 5 — The 4 Lines of Defense
Computer and Network Information
The top part of the Network pane provides an overview of information on your computer
and its network. In addition to presenting such information as the computer name, IP
address and whether or not file sharing services are on, you can use this pane to get quick
access to the different elements of Mac OS X where you can change network settings.
When you move your cursor over some of the labels on this pane, the labels become
highlighted. If you click these labels, a popup menu displays.
Selecting Modify... opens different panes of the Mac OS X System Preferences. The
following labels offer access to the preferences panes specified below:
• Web Sharing: This opens the Sharing preference pane, where you can turn Web
Sharing on or off.
• File Sharing: This opens the Sharing preference pane, where you can turn File
Sharing on or off.
• IP address: This opens the Network preference pane, where you can change your
IP address or network configuration.
Intego NetBarrier X3 User's Manual
Page 162
Chapter 5 — The 4 Lines of Defense
Some labels offer the possibility of displaying certain information in large type.
If you select Large Type from the label popup menu for IP address, Network mask or
Hardware address, Intego NetBarrier X3 displays this information in large type in front of
the Intego NetBarrier X3 application.
To remove this display, click anywhere.
Intego NetBarrier X3 User's Manual
Page 163
Chapter 5 — The 4 Lines of Defense
If you click the IP address label, the popup menu that displays offers additional options.
In addition to the Large Type and Modify... options mentioned above, you can do the
following:
• Copy to Clipboard: this copies your IP address to the clipboard
• Show outside IP: this displays your outside IP address in large type. This address is
different from what Intego NetBarrier X3 displays on this pane if you have a router,
or cable or DSL modem.
• Show History: this shows the history of your computer's IP addresses. This displays
a list showing the different IP addresses attributed to your computer by your ISP, if
you have dynamic IP addressing. However, if you have a router, or a cable modem,
this only shows the IP address your computer uses internally. You can also display
this window by selecting Window > Show IP History Window.
Intego NetBarrier X3 User's Manual
Page 164
Chapter 5 — The 4 Lines of Defense
Services
This section lists any services currently running on your computer that are accessible to
other users via the Internet Protocol, such as a web server, mail server, etc. For each port
being used, the following information is shown: the protocol (TCP or UDP), the local port
number, the remote port, according to the protocol it represents, if it is a standard protocol
(for example, port 21 is FTP), the remote address, that is the IP address of the connection,
and the status of the connection.
Intego NetBarrier X3 User's Manual
Page 165
Chapter 5 — The 4 Lines of Defense
Whois
Intego NetBarrier X3 allows you to look up domain names and Internet IP addresses using
its built-in Whois tool. To do this, enter a domain name or IP address in the Domain field,
then click the Whois button. The text field below gives you information about the domain.
Intego NetBarrier X3 has four default Whois servers, but you can add others. To find out
how to add Whois servers, see chapter 6, Preferences and Configurations.
Intego NetBarrier X3 User's Manual
Page 166
Chapter 5 — The 4 Lines of Defense
Traceroute
When you send or receive data over the Internet, or other networks, your data is sent in
packets from host to host until it reaches its destination. Data can make dozens of hops
along its route, and Intego NetBarrier X3's Traceroute function can help you see exactly
how your data gets to its destination. This is especially useful when you are having
problems accessing a specific host, to see where the data is blocked—when this happens, it
usually means a key host or router is not functioning.
To run a traceroute, enter an IP address or a domain name, such as www.intego.com, in the
Network Address field, then click Trace. If you enter a domain name, Intego NetBarrier X3
resolves this and displays the actual IP address.
Intego NetBarrier X3 User's Manual
Page 167
Chapter 5 — The 4 Lines of Defense
The traceroute window then shows all the hops between your computer and the final host.
For each hop, Intego NetBarrier X3 displays the hop number, the IP address, the actual host
name, the response time, and the number of pings that succeed or fail. For each hop, Intego
NetBarrier X3 sends three pings. Note that if you have a router on your network, it may not
respond to the traceroute request, and may display as failed requests. This won't prevent the
rest of the traceroute from being executed.
After your traceroute has completed, you can see a visual display of the route your data
takes by clicking Show on Map. This shows a world map with lines connecting each hop,
and numbers showing their position on the path.
When you have finished, click Close to close the map.
Intego NetBarrier X3 User's Manual
Page 168
Chapter 5 — The 4 Lines of Defense
NetUpdate
NetUpdate is an application that Intego's programs can use to check if the program has been
updated. This application is installed at the same time as Intego NetBarrier X3 or other
Intego programs. It checks updates for all of these programs at the same time, and
downloads and installs those for the programs installed on your computer.
The NetUpdate pane gives you information on your installed version, the last time
NetUpdate checked Intego's server for updates, and your subscription limit. To check for
updates, click Check now... NetUpdate will open and check for updates.
For more on using NetUpdate, see the NetUpdate User's Manual.
Intego NetBarrier X3 User's Manual
Page 169
Chapter 6 — Preferences and Configurations
6—Preferences and
Configurations
Intego NetBarrier X3 User's Manual
Page 170
Chapter 6 — Preferences and Configurations
Intego NetBarrier X3 Preferences
Preferences for several of Intego NetBarrier X3’s functions are available from the
NetBarrier Preferences screen. To view this screen, select Preferences from the NetBarrier
X menu.
Intego NetBarrier X3 User's Manual
Page 171
Chapter 6 — Preferences and Configurations
Interface
Intego NetBarrier X3 lets you choose whether you want to display the Intego NetBarrier X3
status icon in the menubar. For more on this icon and its menu, see Using the NetBarrier
X Menu in Chapter 4.
To display the Intego NetBarrier X3 status icon in the menu bar, check Show Status in
Menu Bar in the Interface tab of the NetBarrier Preferences.
Intego NetBarrier X3 User's Manual
Page 172
Chapter 6 — Preferences and Configurations
Modem
You can provide total security for your modem with this option. To do this, click the
Modem button on the Preferences screen. It may prevent your modem from answering any
calls. To secure your modem, click the Secure now button. To reset your modem, if you
have secured it, click the Reset button.
Intego NetBarrier X3 secures your modem, blocking incoming calls, so it is fully protected.
Intego NetBarrier X3 User's Manual
Page 173
Chapter 6 — Preferences and Configurations
Log Export Preferences
You can set Intego NetBarrier X3 to export the Log at regular intervals. To do this, click
the Log button on the Preferences screen.
Intego NetBarrier X3 User's Manual
Page 174
Chapter 6 — Preferences and Configurations
Export Log Data
If you wish to have your log exported at regular intervals, you can select from 5 options. By
default, this is set to Never.
Never
The log data is never exported.
Every week
The log data is exported once a week, at 00:00 on Monday. If the computer is not on
at this time, it is exported at the next restart.
Every day
The log data is exported once a day, at 00:00. If the computer is not on at this time,
it is exported at the next restart.
Every hour
The log data is exported once an hour, on the hour.
Customized
If you check this option, you can choose a custom interval to have your log data
exported. You can enter the number of units you want, and select Months, Days,
Hours or Minutes from the popup menu.
Intego NetBarrier X3 User's Manual
Page 175
Chapter 6 — Preferences and Configurations
Log Export Format
Logs can be exported in six formats. Click the Format popup menu to select the export
format.
You can choose from the following formats:
Expert HTML
This is the log in HTML format with additional columns. It shows the same
information as the log when in Expert mode.
Expert Text
This is the log in text format with additional columns. It shows the same
information as the log when in Expert mode, and has tabs separating the columns,
so it can be easily imported into a spreadsheet.
HTML
This is the log in HTML, which is readable by any web browser, and is presented in
table form.
Analytic
This is similar to Expert Text format, without tab separators, but with labels in front
of some fields.
Intego NetBarrier X3 User's Manual
Page 176
Chapter 6 — Preferences and Configurations
Text
This is the log in text format, which can be read by any word processor.
Who's there?
This format saves the log as a text file, with the following information:
DATE:
The date of the connection.
TIME:
The time of the connection.
RESULT:
The result of the connection.
HOSTNAME:
The host IP address.
SERVER_PORT:
The server port used for the connection.
METHOD:
The type of connection; TCP or UDP.
Log Export Location
You can select the folder where log export files are saved. By default, they are saved in the
/Library/Logs/NetBarrier folder. If you wish to have these files saved in another folder,
click the Select... button and navigate until you get to the folder you wish to use. Then click
Select to use this folder. You can also create a new folder by clicking New Folder in the
dialog box. Name this folder as you wish, and click Create.
Note: If you are using Web Sharing, you can export the log into a shared folder, providing
access to this file from a remote computer.
Intego NetBarrier X3 User's Manual
Page 177
Chapter 6 — Preferences and Configurations
Log Recording Options
Intego NetBarrier X3's log offers the possibility of displaying several types of information.
You control the display on the Log pane. To control which types of information are
recorded in logs that you export, choose from three options here:
FrontEnd Startup and Quit
This records general Intego NetBarrier X3 activity, such as Intego NetBarrier X3
startup and quit.
Denied connections
This records all connections that are denied.
Incoming data blocked by the Stop List
This records all incoming data, attacks or intrusion attempts that are blocked by the
Stop List.
Intego NetBarrier X3 User's Manual
Page 178
Chapter 6 — Preferences and Configurations
Traffic Export Preferences
You can set Intego NetBarrier X3 to export traffic data at regular intervals. To do this, click
the Traffic button on the Preferences screen. This screen also gives you several options for
managing traffic data.
Intego NetBarrier X3 User's Manual
Page 179
Chapter 6 — Preferences and Configurations
Periodic Export
If you wish to have your traffic data exported at regular intervals, you can select among 5
options. By default, this is set to Never.
Never
The traffic data is exported.
Every week
The traffic data is exported once a week, at 00:00 on Monday. If the computer is not
on at this time, it is exported at the next restart.
Every day
The traffic data is exported once a day, at 00:00. If the computer is not on at this
time, it is exported at the next restart.
Every hour
The traffic data is exported once an hour, on the hour.
Intego NetBarrier X3 User's Manual
Page 180
Chapter 6 — Preferences and Configurations
Customized
If you check this option, you can choose a custom interval to have your traffic data
exported. You can enter the number of units you want, and select Months, Days,
Hours or Minutes from the popup menu.
Traffic Data Export Format
Traffic data can be exported in two formats: text and HTML. If you select Text, they will
be saved in a file that can be read by any word processor. If you select HTML, files are
readable by any web browser, and are presented in table form.
Traffic Data Export Location
You can select the folder where traffic export files are saved. By default, they are saved in
the /Library/Logs/NetBarrier folder. If you wish to have these files saved in another folder,
click the Select... button and navigate until you get to the folder you wish to use. Then click
Select to use this folder. You can also create a new folder by clicking New Folder in the
dialog box. Name this folder as you wish, and click Create.
Note: If you are using Web Sharing, you can export the traffic data into a shared folder,
providing access to this file from a remote computer.
Intego NetBarrier X3 User's Manual
Page 181
Chapter 6 — Preferences and Configurations
Resetting the Gauges after Export
If you check this button, your activity gauges will be reset to zero after each export.
IP Traffic Alert
Intego NetBarrier X3 has a setting that allows you to monitor the amount of data entering
or leaving your computer. This can be very useful if you have an Internet access account
with uploading or downloading restrictions.
If you check this option, Intego NetBarrier X3 displays a warning when your traffic
exceeds the amount you have selected. You can choose to have a warning for Incoming,
Outgoing or Total traffic, and you can choose the amount of the threshold, in kilobytes,
megabytes or gigabytes.
Intego NetBarrier X3 User's Manual
Page 182
Chapter 6 — Preferences and Configurations
Whois
Intego NetBarrier X3’s Whois function allows you to search for information on domain
names and IP addresses. Four Whois servers are preset in this pane, and they are queried in
the order shown in this panel.
Intego NetBarrier X3 User's Manual
Page 183
Chapter 6 — Preferences and Configurations
If you wish to change their order, you can do so by selecting one of the servers and
dragging it to a new location.
You can activate or deactivate the Whois servers in this panel. To deactivate a server,
uncheck its check box. To activate a deactivated server, check its check box.
You can also add new Whois servers. To do this, click Add. A new line is added to the list,
with the server address highlighted. Type in the name of the new Whois server you wish to
add.
To remove a Whois server, select it by clicking it, and click Remove… A dialogue box asks
you to confirm this removal or cancel it.
Intego NetBarrier X3 User's Manual
Page 184
Chapter 6 — Preferences and Configurations
About Intego NetBarrier X3
If you select About NetBarrier… from the NetBarrier menu, a window displays showing
some information about Intego NetBarrier X3, such as the version number, your support
number (a number you will need for technical support), clickable links to Intego’s web site
and e-mail address, and Intego’s address.
If you haven't yet registered online, you can do so quickly and easily by clicking the
Register online... button. This takes you to the registration page on the Intego web site.
Intego NetBarrier X3 User's Manual
Page 185
Chapter 6 — Preferences and Configurations
Configuration Sets
Intego NetBarrier X3 gives you the possibility of saving as many configuration sets as you
want. Each configuration set contains all the settings and preferences you have applied to
Intego NetBarrier X3. You can make sets for different locations, if you have a PowerBook
or iBook—one set for office use, another for home use. You may want to have one set that
includes additional protection for the times your computer is used as a server, and another
for when it is a client. You may also want a specific set for less protection when you are
connected to a local network, and additional protection when you are surfing the web. You
may want to have a set that sends you e-mail messages when any intrusions occur, for when
you are not at your computer.
Selecting the Active Configuration Set
To select a configuration set, select Configurations... from the File menu. A dialog box
displays.
Intego NetBarrier X3 User's Manual
Page 186
Chapter 6 — Preferences and Configurations
Select the set you wish to activate, and click Select. If you decide you do not want to
activate this set, click Done, or select a different set.
Adding Configuration Sets
To add a configuration set, select Configurations... from the File menu. A dialog box
displays.
To create a new configuration set, you first need to copy an existing set, and rename it. To
do this, click one of the sets in the list, and then click Rename. The following dialog box
displays:
Enter the name for your new set, and click OK. If you decide you do not want to rename
this set, click Cancel.
Now that you have a new configuration set, activate it by clicking Select.
You can now make any changes to the configuration that you want, and they are saved
under the current set. To return to another set, select it from the list of configuration sets.
Intego NetBarrier X3 User's Manual
Page 187
Chapter 6 — Preferences and Configurations
Deleting Configuration Sets
To delete a configuration set, select Configurations... from the File menu. A dialog box
displays. Select a set by clicking on one of the sets in the list, and then click Delete.
A dialog box asks if you really want to delete this set. Click Delete. If you decide you do
not want to delete this set, click Cancel.
Intego NetBarrier X3 User's Manual
Page 188
Chapter 6 — Preferences and Configurations
Renaming Configuration Sets
To rename a configuration set, select Configurations... from the File menu. A dialog box
displays. Select a set by clicking on one of the sets in the list, and then click Rename.
Enter the name for your new set, and click OK. If you decide you do not want to rename
this set, click Cancel.
Intego NetBarrier X3 User's Manual
Page 189
Chapter 6 — Preferences and Configurations
Exporting Settings
You can save all your Intego NetBarrier X3 settings in a special file that you can then use
to import these settings into another copy of Intego NetBarrier X3. This is especially useful
if you manage many computers and want to use the same settings for all of them.
To export your settings, select File > Export Settings... A dialog box asks you to name the
settings file and choose a location to save it.
Importing Settings
If you have exported settings from one copy of Intego NetBarrier X3 (see above) you can
import them into another copy of the program.
To import settings, select File > Import Settings... A file dialog asks you to locate the
settings file. Click Import and these settings are immediately applied to Intego NetBarrier
X3.
Intego NetBarrier X3 User's Manual
Page 190
Chapter 7 – Customized Protection
7—Customized
Protection
Intego NetBarrier X3 User's Manual
Page 191
Chapter 7 – Customized Protection
Using Intego NetBarrier X3’s Customized Mode
Additional options concerning Intego NetBarrier X3's Firewall feature are available in
Customized mode. All the other features function in the same manner as presented above.
Customized protection gives access to Intego NetBarrier X3's most powerful functions, by
allowing you to configure its Firewall rules as precisely as you wish.
Important: Intego NetBarrier X3's Customized protection should only be used by
experienced network administrators. Incorrectly setting its options may disrupt your
network activity.
Intego NetBarrier X3 User's Manual
Page 192
Chapter 7 – Customized Protection
User-configurable Firewall Options
Intego NetBarrier X3's Firewall allows you to create rules that examine incoming and
outgoing data for specific sources, destinations and services, and act according to your
choices. Your rules can be wide, such as preventing any incoming traffic from connecting
to your computer, or precise, such as preventing incoming traffic from a specific host from
connecting to a specific service on your computer.
Rule Order
Rules added to the Firewall function from the first to the last. This means that you need to
make sure that your rules are in the correct order to function correctly.
In this example, the first rule blocks data coming from the Internet (which includes all
networks, even a local network). Rule 3, however, allows traffic from a local network, but
since it is in 3rd position, it is not applied; the 1st rule takes precedence. For rule 3 to be
applied, it needs to be moved to the top of the rule list. To do this, select the rule, and slide
it above the rule you want to place it in front of.
Intego NetBarrier X3 User's Manual
Page 193
Chapter 7 – Customized Protection
Creating Rules with the Assistant
Intego NetBarrier X3 contains an assistant to help you create your own custom firewall
rules. With this assistant, you can create your own rules with just a few mouse-clicks.
While not all of Intego NetBarrier X3's rule features are available when you create rules
with the assistant, it can cover most of your needs for firewall rules. If you need more
customization, you can create rules using the assistant then edit them manually.
The Intego NetBarrier X3 Assistant walks you through a series of steps to create your rule:
• Name and Behavior
• Direction
• Service
• Duration
• Options
• Conclusion
To create a new rule using the assistant, click the Assistant button.
Intego NetBarrier X3 User's Manual
Page 194
Chapter 7 – Customized Protection
The first assistant screen displays.
Click the right arrow to begin creating a new rule. You can click the left arrow at any time
to return to previous screens.
Or click Close to exit the Assistant.
Intego NetBarrier X3 User's Manual
Page 195
Chapter 7 – Customized Protection
Name and Behavior
This screen lets you choose a name for your rule and its behavior.
Enter a name for your rule in the name field, then select the behavior for the rule: Allow
data or Deny data. If you select Allow data, the rule will allow data matching its direction
and service to pass. If you select Deny data, the rule will block data matching its direction
and service.
Click the right arrow to go to the next screen.
Intego NetBarrier X3 User's Manual
Page 196
Chapter 7 – Customized Protection
Direction
This screen lets you choose the communication direction and which host initiates the
communication.
First, in the This rule will affect connections with: section, select a remote host. You have
four choices for the remote host:
Any other computer
This is any computer other than your Macintosh.
Computers on my local network
This is any computer on the same local network as your Macintosh.
Intego NetBarrier X3 User's Manual
Page 197
Chapter 7 – Customized Protection
Computers on the default AirPort network
This is any computer on your default AirPort network, if you have one.
Computers on this custom network
If you have created any custom networks using the standard rule editor, you can
select one of them here.
Next, select the computer that initiates the connection:
My Macintosh
This is your Macintosh, the computer using this rule.
The other computer
This is the remote host defined in the first part of this screen.
When you have finished, click the right arrow to go to the next screen.
Intego NetBarrier X3 User's Manual
Page 198
Chapter 7 – Customized Protection
Service
This screen lets you choose the service that the rule affects.
You can choose from three types of services:
All services
This is all network services.
TCP services (connected services)
These are services that require a connection open and maintained between two
computers, such as HTTP, FTP, TELNET, SSH, POP3, AppleShare, etc. This
covers all TCP connections.
Intego NetBarrier X3 User's Manual
Page 199
Chapter 7 – Customized Protection
This service:
You can choose from a list of services that correspond to popular applications and
protocols. Select the service you want to use by clicking its name in the list.
When you have finished, click the right arrow to go to the next screen.
Intego NetBarrier X3 User's Manual
Page 200
Chapter 7 – Customized Protection
Duration
This screen lets you choose how long the rule will be in effect.
You can choose to have the rule never expire, or you can select a date and time for the rule
to expire.
If you choose to have the rule expire, you can select a date by clicking on the calendar, and
you can change months and years by clicking the arrow buttons.
To set the time, you can either type in the time field or click the arrow button to increase or
decrease the time.
Intego NetBarrier X3 User's Manual
Page 201
Chapter 7 – Customized Protection
If you choose to have the rule expire, it is deleted by default. To keep the rule and have it
disabled, check Disable—do not delete. You can enable the rule manually at any time after
it is disabled.
When you have finished, click the right arrow to go to the next screen.
Intego NetBarrier X3 User's Manual
Page 202
Chapter 7 – Customized Protection
Options
This screen lets you choose additional options for your rule.
Two options are available on this screen:
Log rule usage
If you check this option, the firewall records each time this rule is used in its log.
Disable the rule
If you check this option, Intego NetBarrier X3 creates the rule but disables it. You
can enable it manually later.
When you have finished, click the right arrow to go to the next screen.
Intego NetBarrier X3 User's Manual
Page 203
Chapter 7 – Customized Protection
Conclusion
This screen creates the rule according to the settings you have selected in the assistant.
This screen offers one final option: if you check Create a rule in the opposite direction,
the assistant creates a matching rule with the source and destination switched.
Click Create to create your rule and exit the assistant.
Intego NetBarrier X3 User's Manual
Page 204
Chapter 7 – Customized Protection
When you have finished, you will see that your rule (or rules, if you checked Create a rule
in the opposite direction) displays in the Intego NetBarrier X3 list of firewall rules.
If you wish to further customize the rule, or edit it, see below, Editing Rules.
Intego NetBarrier X3 User's Manual
Page 205
Chapter 7 – Customized Protection
Using Predefined Rule Sets
Intego NetBarrier X3 includes many predefined rule sets, corresponding to the most
common Internet and network applications, so you can add specific rules for the
applications and protocols you use. These rules make it easy to either allow or deny traffic
for any of these applications or protocols.
To add a rule set, click the Add Set... button. The Rule Sets window displays.
Intego NetBarrier X3 User's Manual
Page 206
Chapter 7 – Customized Protection
To select one of the Rule Sets, just click one of the applications or protocols in the list,
click either Allow or Deny, and click Add. You will see that the rules for this application or
protocol have been added to the rule list.
All you need to do now is make sure the rule order corresponds to the way your rules
should be applied. For more on this, see the Rule Order section above.
Intego NetBarrier X3 User's Manual
Page 207
Chapter 7 – Customized Protection
Creating Rules
You can also create individual rules using the Rule Editor. Click the Add rule... button and
the Rule Editor displays.
Intego NetBarrier X3's Rule Editor allows network administrators to quickly and easily
define and implement a comprehensive security policy. It is extremely flexible, and allows
you to define an unlimited number of rules.
Intego NetBarrier X3 User's Manual
Page 208
Chapter 7 – Customized Protection
The Rule Editor is a simple interface for creating rules. You can create a new rule in
seconds. To create a rule, you need to specify five things:
• The Source
• The Destination
• The Service
• The Interface
• The Action
At the top of the Rule Editor box is a field where you can name this rule. Just below it, are
three check boxes. You must check the first one, Enabled, if you wish your rule to be
activated. If it is not checked, Intego NetBarrier X3 does not use this rule. You may want to
have rules that are not active at all times, so, in some cases you will not want to check this
box. Or you may want to have certain rules active in one configuration, and not another.
For more on using configuration sets, see chapter 6, Preferences and Configurations.
Next to this check box is the Log check box. If this is checked, any time this rule acts, an
entry is added to the log. If it is not checked, this rule is not logged.
Intego NetBarrier X3 User's Manual
Page 209
Chapter 7 – Customized Protection
Also, if the Log check box is checked, the Stop processing check box will be active. If you
check this box, and the rule is activated, the rules following this one is not checked. See
below, Using the Stop Processing Function, for more on this function.
You can also choose the rule's expiration. By default, this is set to Never. If you wish to
have the rule expire, click the Expiration: popup menu and select Remove rule or Disable
rule.
If you choose Remove rule, Intego NetBarrier X3 deletes the rule at the expiration date. If
you choose Disable rule, Intego NetBarrier X3 disables the rule at the expiration date. You
can enable the rule manually at any time after it is disabled.
When you choose one of these expiration options, the Set... button is enabled. Click this
button to set the expiration date and time. A calendar sheet displays.
Select a date by clicking on the calendar; you can change months and years by clicking the
arrow buttons. To set the time, you can either type in the time field or click the arrow
button to increase or decrease the time.
Intego NetBarrier X3 User's Manual
Page 210
Chapter 7 – Customized Protection
When you have set the expiration date and time, click OK. The Rule Editor shows this date
and time.
Intego NetBarrier X3 User's Manual
Page 211
Chapter 7 – Customized Protection
Sources
The Source, for a rule, is the entity that sends data. You can choose from four sources for
any rule. You may notice that Intego NetBarrier X3 will not allow you to choose the same
source and destination in a rule.
There are four sources available by default:
My Macintosh
This is your computer.
Local Network
This is a local network that your computer is connected to.
Airport Network
This is a wireless Airport network that your computer is connected to.
Internet
This is the Internet, in addition to any local network you may be connected to.
Selecting Internet actually means all networks.
Intego NetBarrier X3 User's Manual
Page 212
Chapter 7 – Customized Protection
Creating new sources
You can create new sources to use in your rules. This allows you to specify exactly which
computers you wish to have your computer communicate with.
To create a new source, select Add new network… from the source pop-up menu of the
Rule Editor.
The Network Editor displays.
Intego NetBarrier X3 User's Manual
Page 213
Chapter 7 – Customized Protection
To create a new source, enter the following information.
Source name
You may give the source any name you wish, by entering a name in the text field.
Source part
Sources can have several parts. You can, for example, select several specific IP addresses
and include them in a given source. See below, Address for more on addresses.
Adding parts
To add a part, click the plus icon in the part section of the Network Editor.
Moving from one part to another
You can move from one part to another by clicking either of the arrow icons, to
move either forward or backward.
Deleting parts
To delete a part, it must be displayed. Click one of the arrow icons until the part you
wish to delete is displayed. Click the trashcan icon. A dialog box displays, asking if
you really want to delete this part. Click Delete to delete the part, if not, click
Cancel.
Intego NetBarrier X3 User's Manual
Page 214
Chapter 7 – Customized Protection
Type of network
A pop-up menu lets you select from six types of network.
Anywhere
This is any network.
My Macintosh
This is your computer.
My local network
This is the local network your computer is connected to.
Machine
This is a specific IP address.
Network
This is a specific network, identified by its IP address and Subnet mask.
Interval
This is a group of IP addresses, delimited by beginning and ending addresses.
Intego NetBarrier X3 User's Manual
Page 215
Chapter 7 – Customized Protection
Address
Depending on the type of network you select, the address section of the Network Editor
will be different.
Anywhere
If you select this type of network, there is nothing to enter in the Address section,
since this source covers all networks.
My Macintosh
If you select this type of network, the IP address of your computer displays in the
Address field.
My local network
If you select this type of network, the beginning and ending addresses of your local
network display in the Address field.
Machine
If you select this type of network, you must enter the IP address of a specific
computer in this field.
Network
If you select this type of network, you must enter the IP address and Subnet mask of
the network you wish to use.
Interval
If you have selected this type of network, you must enter the beginning and ending
IP addresses of the networks you wish to use.
Intego NetBarrier X3 User's Manual
Page 216
Chapter 7 – Customized Protection
Deleting Sources
You can delete any sources that you have created. To do so, select the source, and then
click the trashcan icon.
A dialog box displays, asking if you really want to delete that source. Click Delete to delete
the source, if not, click Cancel.
Intego NetBarrier X3 User's Manual
Page 217
Chapter 7 – Customized Protection
Destinations
The destination, for a rule, is the entity that data is being sent to. You can choose among
four destinations for any rule. You may notice that Intego NetBarrier X3 will not allow you
to choose the same source and destination in a rule.
There are four destinations available by default:
My Macintosh
This is your computer.
Local Network
This is a local network that your computer is connected to.
Airport Network
This is a wireless Airport network that your computer is connected to.
Internet
This is the Internet, in addition to any local network you may be connected to.
Selecting Internet actually means all networks.
Intego NetBarrier X3 User's Manual
Page 218
Chapter 7 – Customized Protection
Creating new destinations
You can also create new destinations to use for your rules. This allows you to specify
exactly which computers you wish to have your computer communicate with. This is done
in the same manner as creating sources.
To create a new destination, select Add new network… from the destination pop-up menu
of the Rule Editor.
Intego NetBarrier X3 User's Manual
Page 219
Chapter 7 – Customized Protection
The Network Editor displays.
Intego NetBarrier X3 User's Manual
Page 220
Chapter 7 – Customized Protection
To create a new destination, enter the following information.
Destination name
You may give the destination any name you wish, by entering a name in the text field.
Destination part
Destinations can have several parts. You can, for example, select several specific IP
addresses and include them in a given destination. See below, Address for more on
addresses.
Adding parts
To add a part, click the plus icon in the part section of the Network Editor.
Moving from one part to another
You can move from one part to another by clicking either of the arrow icons, to
move either forward or backward.
Deleting parts
To delete a part, it must be displayed. Click one of the arrow icons until the part you
wish to delete is displayed. Click the trashcan icon. A dialog box displays, asking if
you really want to delete this part. Click Delete to delete the part, if not, click
Cancel.
Intego NetBarrier X3 User's Manual
Page 221
Chapter 7 – Customized Protection
Type of network
A pop-up menu lets you select from six types of network.
Anywhere
This is any network.
My Macintosh
This is your computer.
My local network
This is the local network your computer is connected to.
Machine
This is a specific IP address.
Network
This is a specific network, identified by its IP address and Subnet mask.
Interval
This is a group of IP addresses, delimited by beginning and ending addresses.
Intego NetBarrier X3 User's Manual
Page 222
Chapter 7 – Customized Protection
Address
Depending on the type of network you select, the address section of the Network Editor
will be different.
Anywhere
If you select this type of network, there is nothing to enter in the Address section,
since this destination covers all networks.
My Macintosh
If you select this type of network, the IP address of your computer displays in the
Address field.
My local network
If you select this type of network, the beginning and ending addresses of your local
network display in the Address field.
Machine
If you select this type of network, you must enter the IP address of a specific
computer in this field.
Network
If you select this type of network, you must enter the IP address and Subnet mask of
the network you wish to use.
Interval
If you select this type of network, you must enter the beginning and ending IP
addresses of the networks you wish to use.
Intego NetBarrier X3 User's Manual
Page 223
Chapter 7 – Customized Protection
Deleting Destinations
You can delete any destinations that you have created. To do so, select the destination, and
then click the trashcan icon.
A dialog box displays, asking if you really want to delete that destination. Click Delete to
delete the destination, if not, click Cancel.
Intego NetBarrier X3 User's Manual
Page 224
Chapter 7 – Customized Protection
Services
There are many services available by default:
Intego NetBarrier X3 User's Manual
Page 225
Chapter 7 – Customized Protection
All
If this is selected, the rule is active for all types of service.
Mail
If this is selected, the rule is active for e-mail only.
FTP
If this is selected, the rule is active for ftp only.
Web
If this is selected, the rule is active for HTTP, or web access, only.
Connected services
If this is selected, the rule is active for TCP services only.
Well known ports
If this is selected, the rule is active for well known ports, which are ports used by
common applications.
The remaining services are for specific programs or protocols.
Intego NetBarrier X3 User's Manual
Page 226
Chapter 7 – Customized Protection
Creating New Services
You can also create new services to use for your rules. This allows you to specify exactly
which services you wish to have your computer accept or use. This is done in the same
manner as creating sources.
To create a new service, select Add new service… from the service pop-up menu of the
Rule Editor. The Service Editor displays.
Intego NetBarrier X3 User's Manual
Page 227
Chapter 7 – Customized Protection
To create a new service, enter the following information.
Service name
You may give the Service any name you wish, by entering a name in the text field.
Service part
Services can have several parts. You can, for example, select several specific services and
include them in a given rule.
Adding parts
To add a part, click the plus icon in the part section of the Service Editor.
Moving from one part to another
You can move from one part to another by clicking either of the arrow icons, to
move either forward or backward.
Deleting parts
To delete a part, it must be displayed. Click one of the arrow icons until the part you
wish to delete is displayed. Click the trash can icon. A dialog box displays, asking if
you really want to delete this part. Click Delete to delete the part, if not, click
Cancel.
Intego NetBarrier X3 User's Manual
Page 228
Chapter 7 – Customized Protection
Protocol
Four different protocol suites can be selected from the pop-up menu: TCP, UDP, ICMP and
IGMP. You can also select Any, which covers all protocols.
When you select one of these protocol suites, another pop-up menu displays in the bottom
section of the panel, with a list of services that you can select from. This menu depends on
the protocol you have selected. For more information on these protocols and services, see
chapter 9, Glossary.
Port or Type
There are two possibilities when selecting the Port, for TCP or UDP services, or
Type, for ICMP or IGMP services.
Any port or Any type
If this is selected, the rule is active for all ports, or types.
Specified port or Specified type
You can also specify the port number, or type. Selecting different services
automatically inserts their standard port numbers in this field. If you need to use a
different port number, you can enter it manually.
Intego NetBarrier X3 User's Manual
Page 229
Chapter 7 – Customized Protection
Intervals
For TCP and UDP services, you can also enter a range of ports. If you select
Interval, you must enter the lowest and highest port numbers you wish to use in the
From and To interval fields.
Allow Broadcast packets
If this is checked, broadcast packets, which are packets sent to all computers on a local
network, are included in this service.
Deleting Services
You can delete any services that you have created. To do so, select the service, and then
click the trashcan icon.
A dialog box displays, asking if you really want to delete that service. If so, click OK. If
not, click Cancel.
Intego NetBarrier X3 User's Manual
Page 230
Chapter 7 – Customized Protection
Interfaces
The interface, for a rule, is the network adapter that the data passes through. This can be an
Ethernet card, a wireless AirPort card, a PPP connection or any other type of network
interface. You can choose from the interfaces that exist on your computer, or you can create
your own interfaces.
Type of Interface
A pop-up menu lets you select from your available network interfaces. This menu may
include any or all of the following.
Built-in Ethernet
This is your built-in Ethernet card, if you have one.
AirPort
This is your AirPort card, if you have one.
Intego NetBarrier X3 User's Manual
Page 231
Chapter 7 – Customized Protection
Creating New Interfaces
You can create new interfaces to use in your rules. To create a new interface, select Add
new interface... from the Interface popup menu.
The Interface Editor displays.
To create a new interface, enter the following information.
Interface name
You may give the interface any name you wish, by entering a name in the text field.
Interface part
Interfaces can have several parts. You can, for example, include several interfaces in your
custom interface, ensuring that a given rule acts on more than one interface at a time.
Intego NetBarrier X3 User's Manual
Page 232
Chapter 7 – Customized Protection
Adding parts
To add a part, click the plus icon in the part section of the Network Editor.
Moving from one part to another
You can move from one part to another by clicking either of the arrow icons, to
move either forward or backward.
Deleting parts
To delete a part, it must be displayed. Click one of the arrow icons until the part you
wish to delete is displayed. Click the trashcan icon. A dialog box displays, asking if
you really want to delete this part. Click Delete to delete the part, if not, click
Cancel.
Intego NetBarrier X3 User's Manual
Page 233
Chapter 7 – Customized Protection
Type of Interface
A pop-up menu lets you select either Any or Custom. If you want to create a custom
interface, select Custom.
Select the name of your interface and enter its number, then click OK to save this interface.
Deleting Interfaces
You can delete any interfaces that you have created. To do so, select the interface, and then
click the trashcan icon.
A dialog box displays, asking if you really want to delete that interface. Click Delete to
delete the source, if not, click Cancel.
Intego NetBarrier X3 User's Manual
Page 234
Chapter 7 – Customized Protection
Actions
Two actions are possible for any rule: Allow or Deny. Select the action you wish to use for
your rule by checking the appropriate radio button, at the bottom of the Rule Editor
window.
Deleting Rules
If you wish to delete a rule, select the rule by clicking it, then click Remove... A dialog box
displays, asking if you really want to delete this rule. Click OK. If you decide you do not
want to delete this rule, click Cancel.
Editing Rules
If you wish to edit a rule, select the rule by clicking it, then click Edit... The Rule Editor
will open, and you can make any changes you wish to this rule. When you have finished
making changes, click OK to save your changes. If you decide you do not want to save the
changes, click Cancel.
Intego NetBarrier X3 User's Manual
Page 235
Chapter 7 – Customized Protection
Using the Stop Processing Function
When you create a rule, and check the Log check box, the Stop processing check box is
also activated. It is checked by default. If you leave it checked, the rules following the
current rule are be verified.
However, if you uncheck this check box, you can create a rule that logs incoming or
outgoing traffic, but does not take any other action on the traffic. If the traffic's IP address
or service corresponds to that selected in the rule, and the Stop processing check box is not
checked, the traffic is logged, but nothing else is done to it.
Note: you should be careful when creating rules for specific services. When you select a
service for a specific program, it is possible that this program uses the same port as another
program or service. Blocking or authorizing a specific service may conflict with other,
more general rules. For example, if you wish to block ICQ traffic, selecting ICQ as a
service will also block AOL Instant Messenger traffic since both programs use the same
port. Other programs may also use the same ports. If you find that you cannot connect to a
given service, or send or receive traffic, try deactivating your rules one by one to see if
there is a conflict.
Intego NetBarrier X3 User's Manual
Page 236
Chapter 7 – Customized Protection
Using the Rule Contextual Menu
Intego NetBarrier X3 offers a contextual menu to work with firewall rules, which gives you
quick access to many rule functions, and lets you make changes to rules with just a click.
You can use this contextual menu to add new rules, to edit existing rules, or to change rule
characteristics on the fly.
To see this contextual menu, hold down the Control key and click on a rule. (If you have a
two-button mouse, you can just click the right button of your mouse.)
Intego NetBarrier X3 User's Manual
Page 237
Chapter 7 – Customized Protection
This contextual menu offers several options:
Copy to Clipboard
This lets you copy the contents of a rule to the clipboard.
Insert Standard Set / Add Standard Set
This lets you insert or add a standard set of rules. You can choose from five sets, in
the submenu: No restrictions, No network, Client, local server, Server only, or
Client only.
State
You can toggle the state of a rule, turning it On or Off.
Behavior
You can toggle the behavior of a rule, setting it to Allow or Deny traffic.
Log
You can toggle whether or not the rule records traffic information in the log.
Switch Source & Destination
This switches the source and destination of the rule.
Duplicate
This makes a copy of the rule.
Edit…
This lets you edit the rule using the Rule Editor window.
Intego NetBarrier X3 User's Manual
Page 238
Chapter 7 – Customized Protection
Remove…
This lets you delete the rule.
Intego NetBarrier X3 User's Manual
Page 239
Chapter 8 – Technical Support
8—Technical Support
Intego NetBarrier X3 User's Manual
Page 240
Chapter 8 – Technical Support
Technical support is available for registered purchasers of Intego NetBarrier X3.
By e-mail
[email protected]
From the Intego web site
www.intego.com
NetBarrier uses the EDCommon and EDInternet frameworks written by Erik Dörnenburg.
Intego NetBarrier X3 User's Manual
Page 241
Chapter 9—Glossary
9—Glossary
Intego NetBarrier X3 User's Manual
Page 242
Chapter 9—Glossary
Address mask: A bit mask used to identify which bits in an IP address correspond to the
network address and subnet portions of the address.
Address mask reply: A reply sent to an address mask request.
Address mask request: A command that requests an address mask.
Bootp: The Bootstrap Protocol. A protocol used for booting diskless workstations.
Bootp client: A computer operating as a Bootp client.
Bootp server: A computer operating as a Bootp server.
Broadcast packet: On an Ethernet network, a broadcast packet is a special type of
multicast packet which all nodes on the network are always willing to receive.
Chat: A system that allows two or more logged-in users to set up a typed, real-time, on-line
conversation across a network.
Client: A computer system or process that requests a service of another computer system or
process (a "server"). For example, a workstation requesting the contents of a file from a file
server is a client of the file server.
Connection flood: An attack on a computer, where the sending system sprays a massive
flood of packets at a receiving system, in an attempt to connect to it, more than it can
handle, disabling the receiving computer.
Cookie: file on your hard disk, which contains information sent by a web server to a web
browser and then sent back by the browser each time it accesses that server. Typically, this
is used to authenticate or identify a registered user of a web site without requiring them to
sign in again every time they access that site. Other uses are, e.g. maintaining a "shopping
basket" of goods you have selected to purchase during a session at a site, site
personalization (presenting different pages to different users), tracking a particular user's
access to a site.
Datagram: A self-contained package of data that carries enough information to be routed
from source to destination independently of any previous and subsequent exchanges.
Datagram conversion error: An error in datagram conversion.
Intego NetBarrier X3 User's Manual
Page 243
Chapter 9—Glossary
DNS: Domain Name System. Used by routers on the Internet to translate addresses from
their named forms, such as www.intego.com, to their IP numbers.
Echo: The request sent during a ping.
Echo reply: The reply sent to an echo request.
Finger: A program that displays information about a particular user on the Internet, or on a
network.
FTP: File Transfer Protocol. A protocol used for transferring files from one server to
another. Files are transferred using a special program designed for this protocol, or a web
browser.
Gopher: A distributed document retrieval system, which was a precursor to the World
Wide Web.
Host: A computer connected to a network.
HTTP: HyperText Transfer Protocol, the protocol used to send and receive information
across the World Wide Web.
ICMP: Internet Control Message Protocol. This protocol handles error and control
messages sent between computers during the transfer process.
IGMP: Internet Group Management Protocol.
IMAP4: Internet Message Access Protocol. A protocol allowing a client to access and
manipulate electronic mail messages on a server. It permits manipulation of remote
message folders (mailboxes), in a way that is functionally equivalent to local mailboxes.
Intranet routing: The process, performed by a router, of selecting the correct interface and
next hop for a packet being forwarded on an Intranet.
IP: The network layer for the TCP/IP protocol suite widely used on Ethernet networks and
on the Internet.
IP address: An address for a computer using the Internet Protocol.
Irc: Internet Relay Chat. A medium for worldwide "party line" networks that allowing one
to converse with others in real time.
Intego NetBarrier X3 User's Manual
Page 244
Chapter 9—Glossary
Local network: A network of computers linked together in a local area. This may be a
single building, site or campus.
NETBIOS: Network Basic Input/Output System. A layer of software originally developed
to link a network operating system with specific hardware. It can also open
communications between workstations on a network at the transport layer.
Network: A group of interconnected computers that can all access each other, or certain
computers. This may be a local network, or a very large network, such as the Internet.
NNTP: Network News Transfer Protocol. A protocol for the distribution, inquiry, retrieval
and posting of Usenet news articles over the Internet.
Ntp: Network Time Protocol. A protocol that assures accurate local timekeeping with
reference to radio, atomic or other clocks located on the Internet. This protocol is capable
of synchronizing distributed clocks within milliseconds over long periods.
Packet: The basic unit of data sent by one computer to another across most networks. A
packet contains the sender's address, the receiver's address, the data being sent, and other
information.
Ping: A program used to test reachability of computers on a network by sending them an
echo request and waiting for a reply.
Ping broadcast: An attack similar to a ping flood. See below.
Ping flood: A ping attack on a computer, where the sending system sends a massive flood
of pings at a receiving system, more than it can handle, disabling the receiving computer.
Ping of death: An especially dangerous ping attack, that can cause your computer to crash.
POP3: Post Office Protocol, version 3. POP3 allows a client computer to retrieve electronic
mail from a POP3 server.
Port scan: A procedure where an intruder scans the ports of a remote computer to find
which services are available for access.
Protocol: The set of rules that govern exchanges between computers over a network. There
are many protocols, such as IP, HTTP, FTP, NNTP, etc.
Intego NetBarrier X3 User's Manual
Page 245
Chapter 9—Glossary
Router: A device that forwards packets between networks, reading the addressing
information included in the packets.
Server: A computer connected to a network that is serving, or providing data or files to
other computers called clients.
Service: A network function available on a server, i.e. http, ftp, e-mail etc.
SMTP: Simple Mail Transfer Protocol A protocol used to transfer electronic mail between
computers.
Spam: Unwanted e-mail messages, usually sent to thousands, even millions of people at a
time, with a goal of selling products or services.
TCP: Transmission Control Protocol. The most common data transfer protocol used on
Ethernet and the Internet
TCP/IP: The Internet version of TCP -TCP over IP.
Telnet: The standard Internet protocol used for logging into remote computers.
Tftp: Trivial File Transfer Protocol. A simple file transfer protocol used for downloading
boot code to diskless workstations.
Traceroute: A utility used to determine the route packets are taking to a particular host.
UDP: User Datagram Protocol. An Internet protocol that provides simple but unreliable
datagram services.
Whois: An Internet directory service for looking up information on domain names and IP
addresses.
Intego NetBarrier X3 User's Manual
Page 246
Fly UP