Configuring Sygate Personal Firewall for XP

These are my own observations on how to configure Sygate Personal Firewall for internet connection sharing.

The first thing we are going to do is to disable file and printer sharing over the internet. Open Sygate Personal Firewall, go to the Tools->Options menu and click the [Network Neighborhood] tab. Select each "Network Interface" from the combobox in turn and untick both checkboxes in the "Network Neighborhood Settings" box.

Note: You may wish to turn them on for a specific network card, your home network for example.

Once this is done, click the OK button to close the window.

The next thing we shall do is configure the standard Windows services. If these are incorrectly configured, a remote user may access your PC or crash it. First, block the following applications.

| Name | Path |
| --- | --- |
| Generic host process for Win32 services | C:\Windows\System32\svchost.exe |
| Internet information services | C:\Windows\System32\inetsrv\inetinfo.exe |
| Message queuing service | C:\Windows\System32\mqsvc.exe |
| MS DTC console program | C:\Windows\System32\msdtc.exe |
| NDIS user mode I/O driver | C:\Windows\System32\drivers\ndisuio.sys |
| NT kernel&system | C:\Windows\System32\ntoskrnl.exe |
| TCP/IP services application | C:\Windows\System32\tcpsvcs.exe |

Now find the application named "LSA Shell" in the list, right-click this item in the list and select "Advanced...". Untick the "Act as server" checkbox and then click OK to close the window. Repeat this step for "Application layer gateway". Again click OK to close the application list.

Finally, we are going to allow the machines on the local network to share the internet connection. Go to the Tools->Advanced Rules menu option. In the next window, click the Add button.

  1. In the "Rule Description" box type "Internet connection sharing".
  2. In the "Action" box select "Allow this traffic".
  3. Under "Advanced settings" select the network card which is used for your local network. Make sure you do not accidentally select the network card used to access the internet.
  4. Click the OK button to close this window.

Your computer should now be protected from external attacks, while still allowing your local network to share your internet connection.
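One way to check which of the programs restricted above still hold listening sockets on non-loopback addresses, as an added example (not part of the original article and not a Sygate tool): it joins the output of `netstat -ano` with `tasklist /fo csv /nh`. The sample output is constructed, and the image names used for "LSA Shell" (lsass.exe), "Application layer gateway" (alg.exe) and the NT kernel ("System") are assumptions.

```python
import csv
import io
# Image names for the programs the article restricts. Assumptions: "LSA Shell"
# is lsass.exe, "Application layer gateway" is alg.exe, and the NT kernel
# (ntoskrnl.exe) is listed by tasklist as "System".
WATCHED = {"svchost.exe", "inetinfo.exe", "mqsvc.exe", "msdtc.exe",
           "lsass.exe", "alg.exe", "system"}

def pid_to_image(tasklist_csv):
    """Map PID -> lowercase image name from `tasklist /fo csv /nh` output."""
    rows = csv.reader(io.StringIO(tasklist_csv))
    return {int(r[1]): r[0].lower() for r in rows if len(r) >= 2}

def exposed_listeners(netstat_text, tasklist_csv):
    """Return (proto, addr, port, image, watched) for non-loopback listeners."""
    images = pid_to_image(tasklist_csv)
    found = []
    for line in netstat_text.splitlines():
        f = line.split()
        if not f or f[0] not in ("TCP", "UDP"):
            continue
        # TCP rows have a State column and must be LISTENING; UDP rows have none.
        listening = f[0] == "TCP" and len(f) == 5 and f[3] == "LISTENING"
        if not (listening or (f[0] == "UDP" and len(f) == 4)):
            continue
        addr, _, port = f[1].rpartition(":")
        if addr.startswith("127.") or addr == "[::1]":
            continue  # loopback only: other machines cannot connect
        image = images.get(int(f[-1]), "unknown")
        found.append((f[0], addr, int(port), image, image in WATCHED))
    return found

# Constructed sample output, not captured from a real machine.
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       932
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    127.0.0.1:1028         0.0.0.0:0              LISTENING       1480
  TCP    192.168.0.1:1045       192.168.0.5:445        ESTABLISHED     4
  UDP    0.0.0.0:500            *:*                                    692
"""
SAMPLE_TASKLIST = '''"System","4","Console","0","216 K"
"lsass.exe","692","Console","0","1,100 K"
"svchost.exe","932","Console","0","4,156 K"
"alg.exe","1480","Console","0","3,400 K"
'''
if __name__ == "__main__":
    for row in exposed_listeners(SAMPLE_NETSTAT, SAMPLE_TASKLIST):
        print(row)
```

A flagged row only shows that the process is listening on an address other machines can reach; whether a remote machine can actually connect is decided by the firewall settings described above.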

Some notes:

  1. If ever you see a message asking if an application may access the internet, use common sense. If you have no idea what this application is answer "No" and then perform a virus scan. If you are sure what the application is say "Yes", but make sure you also turn off "Act as a server" in the "Advanced" menu option for that application.
  2. If ever you see a message asking if an application may be connected to, this means that the application is trying to act as a server, and a remote machine is trying to access it. If the application is not a valid server application (like a database server) then it probably has a trojan installed, so uninstall it. If the application is a valid server application, you must answer Yes or No depending on whether or not you want anyone at all on the internet to be able to use it. Remember, the local network will automatically be granted access because of the advanced rule we applied earlier.
