What Firewall


Gus
June 28th, 2005, 12:12 AM
Hi:
I am wondering firstly how would I go about setting up "Exceptions Rules" to allow my network "client" to be able to see the "Printer & Doc sharing" that is set up on my network? I am using "Armor2Net" firewall and have found it really good up to this point but now, after experiencing a problem where I couldn't get my network to talk from the host to client and back again, I found that the firewall was the culprit.
I am running Windows XP pro on both the host and client systems with a wireless network for internet and e-mail access. I have set up a small network to allow the printer sharing and as mentioned it works well except that each time I want to use the printer sharing feature, I must shut down the Armor2Net firewall. I really am not comfortable with that and it is a pain also.
Can anyone out there explain to me how to set up the firewall so that the network printer sharing is an "exception?" If not, what are some of the suggested firewalls (preferably free ones) which might have the features I am after? Thanks very much.

Gus::dizzy:

bAdWaYz
June 28th, 2005, 03:19 AM
Gus, I feel twofold about your question. On one hand I know there must be a way to config Armor2Net to work with your current setup. The only drawback is I went and did some reading on their webpage and I don't like what I see. Most of the site FAQs have to do more with billing and lic's than with the inner workings of the product. Maybe it's just me but I'd like to think a product would be covered more by FAQs and online docs before they ask for money. IMHO Zone Alarm free offers much more support and online docs to help if one were to get into a jam. Now, on even another hand, since you have a router with a built-in hardware firewall also, again IMHO, that will serve you much better than any software firewall you are going to find. Not only are they more robust but they are faster and easier on system resources. A lot of people like something like ZA, however, to keep things from accessing the net or at least keep an eye on them. My personal setup is such that I don't run anything that I can't check on if need be. So with all that said I would say get ZA free if you must run a software based firewall. Other members feel free to lend advice here as I'm sure mine is not the end all be all opinion.

pwrmngr
June 28th, 2005, 05:47 AM
Interesting. Is there a place in the firewall you can set up "trusted IPs"? @ home I have 6 PCs and in my firewall (ZA) I set it up so that certain PCs can access the printer/files/programs through the trusted zones.

IE: The "server" has the ZA attached and I want to let my laptop only access it; I chose the trusted zone and put in 192.168.1.105 for my laptop, and only it can access the info.

Hope that sheds some light.

Gus
June 28th, 2005, 02:26 PM
Hi Folks:
I uninstalled Armor2Net firewall and went to "Shields-Up." Did a probe of all ports and came back as "Passed Stealth." Then I went back in and ensured that the "Windows Firewall" was shut down and again checked into Steve Gibson's "Shields-Up" site. Again after probing all ports, the system passed Stealth. I am quite pleased with that, as it seems the wireless router is doing its job. I do however still wonder about alerts when someone is trying to access my systems or my system is always trying to call home. Maybe I'm paranoid or just old fashioned. Am I as safe as I can be with the hardware firewall or do I still need the ZA free version? I have it downloaded but have not yet installed it. Will hang tough until I hear more from the experts. (you guys).
P.S. There have been no changes to the "out of the box" router firewall except that I "Stealthed" port 113 so that I couldn't be pinged. Do I need to put in any further rules? Thanks for your opinions and examples.

Gus:

z1p
June 28th, 2005, 02:48 PM
Hi Gus,

I run a bit on the paranoid side. So, in addition to blocking all incoming connections, I block all outgoing UDP traffic except port 53 (DNS) and block all outgoing TCP traffic for ports 135-139 and port 445.

If you play online games or use IRC this config would most likely interfere. As I said in your other thread I just use the hardware firewall on my router. I've set up Kiwi syslog daemon on one of my machines and configured my router to log all firewall exceptions to the syslog daemon. That way I can scan them easier. In addition I signed up with dshield.org and run their client for the Kiwi syslog daemon. This client parses the syslog and reports incoming hits to dshield. I then get a daily email summarizing the hits on my firewall. I have found it useful at times. If it wasn't for the summary I would most likely have not realized that my internet slowdown was due to an increased amount of traffic against my router. (I got in an internet storm and my daily hits went from a few hundred a day to several thousand a day.)
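The daily-summary approach described in the post above, as an added example that is not part of the thread and is not the DShield client or Kiwi's own code: it counts dropped inbound packets per day from router syslog lines and flags a day whose total jumps well above the earlier days. The log line format, the `FW-DROP` tag, the spike factor and all function names are assumptions; real router log formats differ.

```python
import re
from collections import Counter, defaultdict
from statistics import median

# Assumed line format (hypothetical, adapt to the router's real syslog output).
LINE_RE = re.compile(
    r"^(?P<day>\d{4}-\d{2}-\d{2}) \S+ \S+ FW-DROP IN "
    r"src=(?P<src>\S+) proto=(?P<proto>\w+) dpt=(?P<dpt>\d+)$")

def build_sample():
    """Constructed log: three quiet days, then a burst against TCP 445."""
    lines = []
    plan = (("2005-06-25", 3), ("2005-06-26", 2),
            ("2005-06-27", 3), ("2005-06-28", 40))
    for day, hits in plan:
        for i in range(hits):
            port = 445 if day == "2005-06-28" else (135, 445, 1434)[i % 3]
            proto = "UDP" if port == 1434 else "TCP"
            lines.append(f"{day} 03:{i:02d}:00 router FW-DROP IN "
                         f"src=203.0.113.{i % 5 + 1} proto={proto} dpt={port}")
    lines.append("2005-06-28 04:00:00 router DHCP lease renewed")  # noise
    return lines

def summarize(lines):
    """Return {day: Counter({(proto, dst_port): hits})} for drop lines only."""
    per_day = defaultdict(Counter)
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m:  # anything that is not a firewall drop is skipped
            per_day[m["day"]][(m["proto"], int(m["dpt"]))] += 1
    return per_day

def flag_spikes(per_day, factor=5):
    """Flag days whose total exceeds factor x the median of earlier days."""
    totals = {day: sum(c.values()) for day, c in per_day.items()}
    days = sorted(totals)
    flagged = []
    for i, day in enumerate(days):
        history = [totals[d] for d in days[:i]]
        if history and totals[day] > factor * median(history):
            top_target = per_day[day].most_common(1)[0][0]
            flagged.append((day, totals[day], top_target))
    return flagged

if __name__ == "__main__":
    for day, total, (proto, port) in flag_spikes(summarize(build_sample())):
        print(f"{day}: {total} drops, mostly {proto}/{port}")
```
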

Gus
June 28th, 2005, 09:55 PM
Hi:

I really want to thank the three of you folks for your sound advice regarding the firewall.
I uninstalled Armor2Net completely and downloaded ZA free version. I then ran checks at Shields up with all software firewalls shut down or uninstalled. The hardware firewall on the router sure seemed to be doing its job, however, as I mentioned before, I'm still a little paranoid and like to see what's going on so, I installed ZA free version.
I ran it initially with the basic setup and had only one problem, I had no network connectivity. I then made the client (laptop) the exception by placing it in the Trusted Zone and voila, I had full network connectivity. So far no other issues with ZA free. I started using ZA when it was still a fledgling company but had a number of issues with it on DSL so got rid of it. I then went to "Outpost free" and still think it's one of the keepers. I will keep a close eye on Zone Alarm and should I not encounter any issues with it, will use it on the "Host" computer.
Once again thank you for all the help you have offered. Best Regards:

Gus::

pwrmngr
June 29th, 2005, 07:11 AM
See, badwayz ain't just another pretty face :)

Glad all is well :)