Internet Security Systems

q000012


When I install the product, no one can connect to my web or FTP server.

This article applies to: BlackICE Defender.

SUMMARY

The product is preset to work on most workstations (Win 95, Win 98, Win NT 4 Workstation). These presets block most incoming connections, including those to a web or FTP server running on the same machine. You must edit the "firewall.ini" file to re-enable these services. Note that this is a good time to double-check which services you really mean to expose to the Internet.

DETAILS

Here is what can be done to allow HTTP requests (TCP port 80) or FTP (ports 20 and 21) on a host running a web/FTP server:

  1. You will need to make a change to FIREWALL.INI (located in the installation directory--default location is C:\Program Files\Network ICE\BlackICE). Before editing this file, please copy a backup to a file called FIREWALL.SAV.
  2. Using the Notepad utility, open FIREWALL.INI. [*** WARNING *** You must be VERY careful with this file. An unintended entry could have unpredictable results.]
  3. In FIREWALL.INI, there is a section that looks somewhat like this:
     
    [MANUAL TCP low REJECT] 
    ACCEPT, 113, identd, 1999-07-19 20:50:26, PERPETUAL 
    REJECT, 139, SMB, 1999-07-19 20:50:26, PERPETUAL 
    
  4. At the end of this particular section, add the following lines:
     
    ACCEPT, 20, FTP-data, 1999-07-22 20:26:53, PERPETUAL 
    ACCEPT, 21, FTP-control, 1999-07-22 20:26:53, PERPETUAL 
    ACCEPT, 80, HTTP, 1999-07-22 20:26:53, PERPETUAL 
    
  5. The [MANUAL TCP low REJECT] section should now look like this:
     
    [MANUAL TCP low REJECT] 
    ACCEPT, 113, identd, 1999-07-19 20:50:26, PERPETUAL 
    REJECT, 139, SMB, 1999-07-19 20:50:26, PERPETUAL 
    ACCEPT, 20, FTP-data, 1999-07-22 20:26:53, PERPETUAL 
    ACCEPT, 21, FTP-control, 1999-07-22 20:26:53, PERPETUAL 
    ACCEPT, 80, HTTP, 1999-07-22 20:26:53, PERPETUAL 
    
  6. Save and close FIREWALL.INI.
  7. The service will now be available. Defender will still detect intrusions (such as attacks against CGI scripts or login failures against the FTP server) on these ports and dynamically block some intruders, but normal access should work as expected.
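
The edit in steps 3 to 5, together with the exposure check suggested in the summary, as an added example (not Internet Security Systems code). It assumes the field layout seen in the sample lines above (action, port, name, timestamp, PERPETUAL); the second section name in the sample is constructed. It works on the file's text only, so the FIREWALL.SAV backup in step 1 is still done by hand.

```python
import re

SECTION = "[MANUAL TCP low REJECT]"
# Assumed field layout, inferred from the article's sample lines:
# ACTION, port, name, timestamp, duration
RULE = re.compile(r"^\s*(ACCEPT|REJECT)\s*,\s*(\d+)\s*,\s*([^,]*?)\s*,")

def section_bounds(lines):
    """Return (first, end) indexes of the rule lines that belong to SECTION."""
    start = next((i for i, l in enumerate(lines) if l.strip() == SECTION), None)
    if start is None:
        raise ValueError(f"{SECTION} not found; leave the file untouched")
    end = start + 1
    while end < len(lines) and not lines[end].lstrip().startswith("["):
        end += 1
    while end > start + 1 and not lines[end - 1].strip():
        end -= 1  # trailing blank lines are not part of the section body
    return start + 1, end

def exposed_ports(text):
    """Map port -> service name for every ACCEPT rule in SECTION."""
    lines = text.splitlines()
    lo, hi = section_bounds(lines)
    rules = [m for m in map(RULE.match, lines[lo:hi]) if m]
    return {int(m.group(2)): m.group(3) for m in rules if m.group(1) == "ACCEPT"}

def add_accepts(text, services, stamp):
    """Append ACCEPT rules at the end of SECTION. A port that already has a
    rule is skipped, so an existing REJECT is never contradicted."""
    lines = text.splitlines()
    lo, hi = section_bounds(lines)
    seen = {int(m.group(2)) for m in map(RULE.match, lines[lo:hi]) if m}
    new = [f"ACCEPT, {port}, {name}, {stamp}, PERPETUAL"
           for port, name in services if port not in seen]
    return "\n".join(lines[:hi] + new + lines[hi:]) + "\n"

# Constructed sample: the section from step 3, then a made-up following section.
SAMPLE = """[MANUAL TCP low REJECT]
ACCEPT, 113, identd, 1999-07-19 20:50:26, PERPETUAL
REJECT, 139, SMB, 1999-07-19 20:50:26, PERPETUAL

[EXAMPLE NEXT SECTION]
"""
# Port 139 is included to show that the existing REJECT rule wins.
WANTED = [(20, "FTP-data"), (21, "FTP-control"), (80, "HTTP"), (139, "SMB")]

if __name__ == "__main__":
    updated = add_accepts(SAMPLE, WANTED, "1999-07-22 20:26:53")
    print(updated)
    print("Exposed TCP ports:", sorted(exposed_ports(updated)))
```

Running `exposed_ports` on the edited text before saving gives the list of ports the host will accept connections on, which is the list to review against the services you actually intend to offer.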
 
Keywords: web server, firewall, blocking, FTP server 
Version:  1.8.5.5 
Fixed:     
Modified: 1999-12-26 