OK I posted this in another thread, but should probably go in here - apologies LighthousePoint for the dupe -

OK, heres how I just installed on mine - run the setup and choose path etc then -

1. Use the configuration wizard to create my ruleset
2. Select Internet only or internet and LAN
3. it should detect your adapter and show you your main IP. Select "internet adapter" and continue
4. Choose I host one or more internet servers option from the next page and also the "I browse, use email" etc if you have a habit of doing that like we do from RDC/Terminal Services.
5. Tick the applications you use on the server in the "Client Applications" window. I.e. do you login remotely and use MSN messenger or something? Tick terminal services in this window.
6. Next page should show you your DNS servers, add any others you need to if required. The ones shown have been taken from your TCP/IP Properties so should be correct.
7. Next page is the Server Applications. Choose which applications you need accessed on your server from the outside world - in our case DNS, FTP, HTTP, HTTPS, Other Email Server, Visnetic Remote Admin and - importantly - Terminal Services which is your Remote Desktop to connect to the server.
8. It will come up with a dial up adapter after this, choose I do not use this adapter (will then auto block all traffic on this)
9. Save your ruleset or start over
10. Choose if you want to have remote admin (always a good idea, at least when starting out!) Enter a password and leave the port alone for the moment as Visnetic is expecting you to use its port. Re enter password.
11. Set firewall not to run on startup. This is useful and if all goes wrong with something you can just get a reboot and firewall wont be running on restart and you can access server etc. Once you are set and know eveything is ok you can change this later.
12. Choose "allow" when not running, again you will want to come back to this later and change it to block, but for now lets make sure everything is ok before we lock ourselves out.
13. Click finish
14. After reboot, double click the icon for visnetic on the dektop on your server - IT WILL THEN FREEZE UP! You will have to close that Remote connection and log in again.
15. Once you reconnect you can see the Visnetic icon in the tray and can then go on and configure everything else.
16. Make suer everything is ok and you can access what you need. You can test other ports with this handy URL - http://scan.sygate.com/prequickscan.html which will tell you what is open and blocked/closed. Run it on your server of course!
17. Go in to the visnetic properties again and choose to run on startup (or just go to services and set to automatic) and decide if you want to block when not running (i.e. on bootup before visnetic service has been started etc).
18. Have a beer (at least I did after my install )

Hope that helps!

PressCMS

Excellent instructions. Too bad I didn't see this before trying to install mine. Now I am locked out of my server, waiting for the tech to disable the service so I can get back in.

TL408>>

I was just going to point you to this.. I see you have found it.. This worked for me, I did make some additional notes on this in another thread after using these instructions. The additional notes may be helpful so just do a search for "Visnetic".

I installed Visnetic firewall today and had no trouble with setting everything up. I had the settings set to not load at startup, and to block all access when the program was not loaded. I guess those settings are just asking for a lockout as soon as a reboot is needed or if the software is shutdown but I was just confused about the block access when program is not loaded. So anyways, without thinking I closed the program because I wanted to restart it to troubleshoot some problems I was having. I instantly realized what I did was wrong and then was disconnected from RDC and got to say &*%&%*%!

so I guess my question is, is there anyway for a tech to change the settings for me without a restore or is that the only option? thanks

Just for the heck of it I would request a reboot first.. Maybe Visnetic only blocks all when it's not running when it's set to actually run at boot????

If that doesn't work I would just request that the support techs log into the console and uninstall the firewall. Since this is a simple thing for them to do, they will probably do it for you.

Once they uninstall it and reboot, you will be able to get back in and give it all another try.

hi

Are you guys running visnetic on windows 2003 standard? I don't see anything about windows 2003 standard servers being supported on the visnetic home page.

things I've done to get my win2003 standard server a bit more secure:
- enabled ICF (80, 3389)
- disabled a bunch of services
- patched using windows update
- used strong passwords, renamed the admin account

I guess a decent piece of firewall software is the next step, or do you know any other steps I could take? any other affordable firewall software you'd recommend maybe? should I install an antivirus package as well?

thx for your time,
Dennis

I'd definitely install some antivirus. AVG is a cost-effective solution.

And I've got visnetic running on a bunch of Win2k3 boxes, with great success.

thank you LighthousePoint, you shine light upon people's problems heh

I'll take a look at both AVG and visnetic's products and hope I don't shut myself out of my server like so many people apperenty have done

Visnetic is very easy to setup without locking yourself out:

1) Run their configuration wizard before rebooting, and make sure you specify that you are a) running servers b) need RDC.
2) Don't portscan your box -- that'll get you auto-baned

Maybe im an idiot, but I cant find out how to allow custom ports...?

Install the Visnetic Firewall Remote Administration Client. Then run that, add your server, go to your network adaptor, and under the "rules" section, you can add rules.

I wonder how you figured out 2)

thx again

Yeah, well, hrmm, eh. Okay, I admit it. I portscanned my own box

Learn from me... The anti-scanning feature does work... no need to test

LighthousePoint,

you said you liked AVG's products but I don't see any products that are licensed to be used on a 2003 webserver. Their File server products seem to be aimed at file servers in a LAN environment, and the other products are for home use or email servers.

can you tell me which product you used for those servers you mentioned?

an overview of their products and pricing: http://www.grisoft.com/us/price/cenik_en_usd_upr.pdf

thx,
Dennis

Would anyone care to post some screenshots of Visnetic in action. Would be interesting. Thanks!

AVG FileServer Edition supports Windows 2003.

It's only $70, and includes 2 years of support/updates, and has remote-manageability.

All of the AVG products are the same. The only difference is how they're licensed. For example, File Server is licensed based upon the number of workstations connecting to it. Depending on how you define this, it could be zero (none using samba), or a maximum of 2, since only 2 connections can be made to RDC. Either way, you're safely within the license terms.

All are fine in the firewall but from the box i lost internet..
I had batches for autoupdate mcaffee and automation to backup in RS but all this cannot run now...
Does anyone know what i must do in rules? i had try to open all outgoing requests not to be blocked but no luck.

make sure that nothing is blocking >80.

I've had a few glitches with Visnetic, and to be honest, I'm not too happy with the product -- not very reliable. But try re-running the configurator; that fixed a few problems for me with my rulesets.

Arg, this program is a piece of work. You can't access the control program after telling it to run at startup:/

Use the remote admin tool

Hehe, I just got the damn firewall to work correctly fully. I could do it really easily now:p Can't beat the price.

The most annoying thing was trying to read what rule I needed to setup viewing the log to allow the DNS server to use root hints. Damn those NetBios Broadcasts.

FYI: The VisNetic Firewall is just a rebranded version of the firewall from 8signs. You can get the exact same firewall for less - http://www.8signs.com/ - and they even mention they that VisNetic rebrands thier firewall.

Now I can save $, thx:D

Wait! There is a better deal on Visnetic, I got it for $75!! I just have to find that link.

LighthousePoint, you said you're running Visnetic Firewall on a couple of boxes. Are you having any problems?
There are people (including me) who suffer from blue screens after installing this firewall. But I've heard something about problems with Terminal Services, are you using those to administer this firewall?

One thing is the program will only interact with console at if you use automatic startup.

You can either use the remote control program or allow connections when firewall is down turn off confirm shutdown and end the service and start it up from your TS desktop to get direct access.

The remote way is more preferable.

The only time I've actually needed to access the console for Visnetic is to enter the license key - after that I brought it back as a service. But it's a bit odd having to enter a registration key for both the remote admin AND the console - you'd have thought entering the key within the remote admin would also update the service running on the server too..

Regards,

Martyn

:S It's not very stable is it? I can be connected via RDP and it boots me out of the blue. I just added a white list to my remote IP. Hopefully that helps.

It also seems that if I RDP or go to Ensim's site admin, then I can not go to a domain on the server via standard http. This is really strange.

Stupid Visnetic, customers get auto-banned for using "delete" in phpMyAdmin

Ok, im trying to install this Visnetic. On their site i downloaded two files.

1) vfsetup.exe and
2) vmpsetup_en

I assume the vfsetup.exe is the one i have to upload to the server and install it, which is exactly what i did the other day. Problem is after i set it up i could not find any config wizard. :confused: So where is the mysterious config wizard. Also, some of the HELP files were missing and the ones that wer'nt showed completely different options and pictures that had nothing to do with the version i downloaded.

When i clicked on the desktop icon i was presented with an empty box with options that would not allow me to configure. When closed the app the icon went down into the tray. I cant make any sense out of this thing. Its v2.2 how does one get the config wizard to show up? Nothing came up during the install. Just asked for a key and it finsihed the installation.

In finally uninstalled it thinking i had installed the wrong app but i think the vfsetup.exe file is the one im suppose to be installing?

The other one is the app im supposed to install on my computer i assume this is the remote admin app?

Can somebody verify this?

Thanks

Hint:
use %windir%system32mstsc.exe /console /v:Your_server_IP
to connect with RemoteDesktop, you will connect to the console and will be able to administer your Visnetic Firewall

Thanks, but i dont think thats the answer i was looking for.

Oops, sorry I was replaying in general... because that's the way to administer Visnetic. Remote administration util does not give access to all functions, like HTTP filtering for example.

Also strange is your experience with Visnetic, I had Wizard run right after installation...

http://www.deerfield.com/download/visnetic-firewall/
there is only one file: vfsetup.exe, that should do it

By the way, Wisnetic Firewall Configuration Wizard is in my Visnetic Firewall program group.

Ok so which goes on the server vsetup? or do you install them both on the server? Also, my version is 2.3 however the version downloadable from here is 2.2, http://www.deerfield.com/download/visnetic...ewall/index.htm

This company is messed up. Do they even know?

Install vfsetup.exe, forget the other file. Download 2.2 from the link above and install on console, you should get the Wizard and all should be fine
(maybe you got 2.3 which might be beta)

Visnetic and 8signs are both $199 is this correct?

I saw someone saying that you could purchase it for $75?

Does anyone know of a cheaper solution?

I may have 6 or 10 of these licenses that I purchased and they refused to refund after I discovered that the product caused my server WAY more problems than it fixed. You may have better luck, want to buy them

Honestly, as much as I would like to sell the licenses and reclaim the money I feel like I was ripped for... I would rather do the right thing and advise you to use IPSEC within Windows Server which is free. Took me a while to figure it out but once you do, it works flawlessy. I had SOOOOO many problems with 3rd party windows firewalls and I will NEVER use one again. It's hardware based for me or IPSEC, PERIOD.

Listening to this advice, at least on a server that will have any sort of real traffic, will save you a LOT of future headaches.

Thanks for that,

I am using the IPSEC built in and have only enabled the basic ports but you cant tell if its working or not, I mean, ive just installed AVG and wasnt asked if I wanted to allow AVG to access the web for updates or anything?

How do you go about setting up this sort of security within IPSEC

For starters, get your incoming traffic properly blocked. You can do port scans on your box to be sure that's working.

Securing outgoing is MUCH less important.

Once you secure the outgoing you know it's working if you have a port blocked and all applications on that port DON'T work.

OK,

Ive run shields up don't know if this is a good thing, however it only shows the following ports open on the standard 0 - 1056 ports scan 21, 80, 110

All the rest are STEALTH with a couple closed.

Any further info would be appreciated.

I would suggest using a better port scanner that you can download and install on your local machine.

Shields up is cool but I personally feel more comfortable using something a little more feature rich when it comes to securing my servers.

I can't remember or find the one I usually use but there are some VERY good free/cheap ones out there.

Maybe someone else on this thread can suggest a few good port scanners.

Yea, I bought it for $75. It works great, W2k3 issue has been finaly fixed and it's very stable - no crashes, reboots, etc.
And most important: it's not a simple port blocker like IPSec, it's also HTTP Filter - can prevent from brovser attacks. You are not going to block port 80, aren't you?

Oh yes, the link
VisNetic Firewall 1.x Server - Single User - $74.95
http://www.deerfield.com/products/visnetic...tiveupgrade.htm

A note: you are getting Visnetic Firewall from Deerfield.com which is only a reseller (8signs.com is developer) but it doesn't matter. Upgrades are made available on Deerfield's web page same day as on 8signs.com
Cheers!

Ahh, yeah sorta worked this way for us too when we didn't have any or very little traffic running through it.

How much traffic are you pushing through this software right now?

I think it all depends on what you are doing with the server. If you are running something that is not mission critical to your business and or doesn't have much traffic then I guess these solutions may be fine.

Bottom line is that I have been through at least 3 or 4 of these 3rd party, software based firewall products and on a production server they were all horrible.

I have nothing to gain here, just letting you folks know my experience so maybe I can save others a lot of time, pain and black eyes on their business.

Port blocking is going to protect you from most of what you need to be protected against. A good virus protection product will do most of the rest.

Flashy, cool looking graphical apps may make you feel good but I am not sure they do much else except cause headaches.

Additionally, this sort of thing is exactly what I am talking about:

>>
W2k3 issue has been finaly fixed and it's very stable - no crashes, reboots, etc.
>>

What makes you think other things about the software won't make it crash/reboot?

IPSEC is not as fancy looking but I think crashes and reboots not happening is a pretty slick feature, don't you?

because I have all the software I need running on my server and I haven't had single crash since the fix has been provided (about two months ago), and after a month of uptime the firewall exe still takes the same 3MB of memory...
It's not flashy, has no graphs, but works as expected and customizable HTTP filter is great thing.
I'm not pushing much, currently around 50GB/Month.
You may have tried many software firewalls but looks like you haven't tried 8Signs.

I'm happy with 8Signs, but of course everybody is free to use any tools he prefers

I have tried 3 or 4 I think but Visnetic and Tiny were two of them. Since Visnetic is the same as 8 signs, that means I have tried it.

Been a while since I got disgusted with the hole thing and went to IPsec so, maybe they improved. I think the basic idea that they are not stable still remains though, at least in my mind

If you were to try something, go for 8Signs. At the time I bought it, there were problems, but we all worked closely with developers, provided dumps and things like that and now it's great piece of software
Also, people have problems with 8Signs because they do not RDC to their servers with /console switch.

When I noticed my server is up and running without single reboot for 5 weeks after the issues have been fixed, I was very pleased and am still pleased.
It does things like this automatically:
IP Banned, reason: HTTP Method not allowed: 'PUT /xiforinfola.htm HTTP/1.0'

and I know this trick wouldn't work anyway, but firewall's default action is to ban IP for one day, so no more tricks for hacker to try - I like that.
Take care!

My box:
Windows 2003 Standard, 512MB RAM
Visnetic Firewall
MailEnable Pro
HELM
Urchin 5.7
MySQL 4.1.9
PHP 4.3.10
Microsoft DNS Server
IIS 6.0 + ZipEnable v2.0 for IIS Trial
Acronis True Image Server 8.0