Marg

Firewall Status Is In Red

Recommended Posts

Hi everyone! My Firewall status is in Red. I have Win 10 with Internet Security 2017.8.0.7904  I checked my Firewall Status & all is in Red. Private Network X in Red   Public Network X in Red but, connected   windows firewall state is off  firewall is not using the recommended settings warning.  Is this normal???? Thanks!! Marg

Share this post


Link to post
Share on other sites

No, it's not normal.   If you look at the 'Forensic log' (ie in Security Overview click on Logs then the Forensic tab) do you see any pertinent messages? 

Have you just rebooted, or woken your machine from sleep/hibernate, or installed some other piece of software?   If you did see any messages in the log, do you recall doing anything around that time?

Share this post


Link to post
Share on other sites

When I first installed Emsisoft Internet security the firewall status was the same display & I thought it was normal. The firewall log seems to be working OK.. I get no warnings from Emsisoft that the firewall is down in the logs. I installed nothing new.

Share this post


Link to post
Share on other sites

On the 'Security Overview' screen in the lefthand 'Protection' panel, there should be a series of ticks next to the various components of EIS.   I assume there's a cross next to the "Firewall" entry?  What happens if you click on the cross?    Maybe you just clicked on a previously-displayed tick, by accident? 

Here, if I turn the firwall on/off the Forensic log will gain entries saying this was done.  It's worrying if your EIS is saying in red that the firewall is not going, doesn't show log entries saying it's been turned off at any stage, and doesn't also have the cross (rather than a tick) next to the "Firewall" entry on that pane.

Share this post


Link to post
Share on other sites

Yes EIS ... protection/firewall. It looks like you can't help me answer the question though but, Thanks for trying to help out.!! The Firewall does seem to be working.

Share this post


Link to post
Share on other sites

Just to be clear, are you saying that some of the text that is black (on my system, as shown in this screenshot), is red on your system?

https://www.dropbox.com/s/2vbfbnz767byv83/20170902 1829 EISfw.jpg?dl=0

 

Or, are you talking about the red crosses that are, for example, on the top two and bottom two lines in the list of rules show there?

Share this post


Link to post
Share on other sites

There is no problem.  This display shows the standard set of firewall rules that will be used whether you have a private or public network, for all your network traffic.  For each item of traffic, inward or outward, you consider the rules starting at the top of the list.  The first two lines tell you that both TCP and UDP traffic, of the types used to control Windows Services, will be blocked IF it happens on a public network (eg if you're using WiFi in a coffee shop).  That's to say, it also implies that the same traffic if it is on a private network (eg your home LAN) will not be blocked - though of course other rules might affect that.  Also the first rule is there to block inward traffic while the second blocks it in both directions (as the arrows in column one are meant to imply - poorly I think).  Note that the name of the rule eg the bit that ways "Windows Services" is just a label - a rule doesn't magically know which traffic is for such Services.  If you look at the rule's definition you will see a list of 'ports' (which are like flavours of traffic) that the rule(s) affect.

The third line down is a summary one; it says that on all (ie both) types of network, both TCP and UDP traffic might be automatically allowed or automatically blocked according to a separate set of rules set up in EIS in the 'application rules' section.  That's to say that you can, in application rules, dictate what particular programs you run on your system can do.  However nothing in the application rules will override the decision to block traffic if that was made by the rules at the top of the list.

The next two lines say that TCP/UDP/ICMP traffic will be allowed (for any trusted program) provided it's happening on a private network.   That means trafic for programs that EIS believes are ok, even though there won't be specific per-application rules defined for them.  'Trusted' means things like: digitally signed (so likely to be from a reputable supplier).

Then, 'destination unreachable' packets are allowed.  These are replies when your system tries to send traffic to some place that can't be reached.  Getting them back allows your system to find out that the original traffic did not get to where it was being sent.

And so on....
 

There's nothing on that display that tells you whether EIS thinks you're using a public or private network.  To see that, you need to click the Manage Networks button at the lower left.  Then on the next screen, in the top section Network adapters and connected networks' you'll see a list of the various adaptors (eg WIfi capability, LAN-cable sockets) that your computer has, and something telling you which of those is currently in use.  And it will say whether that adapter/socket is currently being treated as a private or public connection.  If you wished to change that, eg to run your home LAN connection temporarily as if it were a public network, you'd click on the existing public/private' description and EIS will give you the chance to change it.    The bottom half of the display 'adapter properties' is all about how EIS will classify a new connection if it encounters one it's not seen before.

Share this post


Link to post
Share on other sites
On 9/2/2017 at 9:43 AM, Marg said:

Under protection the firewall is checked & appears to be working. Public network is in red but, I don't have a public network.

On 9/2/2017 at 1:27 PM, Marg said:

Yes EIS ... protection/firewall. It looks like you can't help me answer the question though but, Thanks for trying to help out.!! The Firewall does seem to be working.

Just for clarification, the red that you see means that those rules block specific ports when your network is configured as "Public". Green icons in the firewall rules are for ports that are open. If you didn't see any red in that list, then there would be something wrong with your firewall rules. ;)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.