I just installed it and i have some questions:

1.Why my connection speed is better with Sygate Pro then Norton Personal Firewall

2.I see adds thing that with Norton i didn't , doesn't block the adds Sygate ?

3. And this is just a note , i think is better than Norton. :lol:

Originally posted by sharedholder@9 January 2004 - 13:15
1.Why my connection speed is better with Sygate Pro then Norton Personal Firewall

Because Sygate's packed filtering and scanning is faster and better than Norton's one... :D

:D

1. cause norton's f/w sucks :P

2. no, sygate's not a an ad-blocker, but it can be an ad-blocker :blink:
have to play around with adding advanced rules, but it isnt hard
and you can add rules in groups, where i hear norton has to have entered
one at a time or somethin :unsure: (for ip blocking)

3. yep, norton's f/w sucks :P

I ...sygate kicks butt


Strong & lite...perfect. :)

Ok , almoust conviced .Why i receive atacks every 3 sec's using Sygate ? Maybe something to configure ?

:o attacks? :o :P
what does the security log say?
check it to find the source of the attack,
should pretty much tell ya what you need to know :)

Aplication name svchost.exe . i think is something wrong with my options on Sygate :lol:
Help cause i'm a noob. :lol:

This is the RIPE Whois server.
% The objects are in RPSL format.
%
% Rights restricted by copyright.
% See http://www.ripe.net/ripencc/pub-services/db/copyright.html

inetnum: 80.181.192.0 - 80.181.255.255
netname: TELECOM-ADSL
descr: Telecom Italia S.p.A.
descr: [email protected] service
descr: Wholesale service for ISP
country: IT
admin-c: BS104-RIPE
tech-c: BS104-RIPE
status: ASSIGNED PA
remarks: Please send abuse notification to [email protected]
notify: [email protected]
mnt-by: TIWS-MNT
changed: [email protected] 20020924
changed: [email protected] 20021111
source: RIPE

route: 80.181.0.0/16
descr: INTERBUSINESS
origin: AS3269
notify: [email protected]
mnt-by: TIWS-MNT
mnt-routes: INTERB-MNT
changed: [email protected] 20021001
source: RIPE

person: BBBEASYIP STAFF
address: Via Val Cannuta, 250
address: I-00100 Roma
address: Italy
phone: +39 06 36881
e-mail: [email protected]
nic-hdl: BS104-RIPE
notify: [email protected]
changed: [email protected] 20001019
source: RIPE

is telecom your isp?
if not, block it :D
if you find that this blocks something needed, its easy to un-block :)
and was your icon in the system tray blinking?
or was it just a pop-up from the tray?

The icon on the system try is flashing red every 3 seconds , and yes telecom is my isp. :lol: Heeeeeeeeeeeeeeeeelp :lol:With Norton i didn't have have this attacks every 3 sec's.

I don't know but if you are using mIRC that happens with sygate.

I don't use Mirc or anything else , i just browse this forum . :lol:

Originally posted by sharedholder@9 January 2004 - 12:27
:lol: Heeeeeeeeeeeeeeeeelp :lol:
:lol: ....sorry, its not funny........ :lol:
man, i havent had attacks like that :unsure:
the only time i've been attacked was port scans,
which werent really attacks, cause it was a sygate security scan...

what apps have you allowed net access?

I believe svchost.exe is something to do with Sygate, as I have it enabled, and it only asked me this when I first installed it. Also, to prevent your firewall to keep producing pop-ups telling you about 'Attacks', you'll need to visit Options > General & make sure you tick the box regarding notification.

Samurai :ph34r:

Originally posted by Samurai@9 January 2004 - 20:33
I believe svchost.exe is something to do with Sygate, as I have it enabled, and it only asked me this when I first installed it. Also, to prevent your firewall to keep producing pop-ups telling you about 'Attacks', you'll need to visit Options > General & make sure you tick the box regarding notification.

Samurai :ph34r:
Already done it ,but is still flashing evry 3 sec's the damn thing.
http://server5.uploadit.org/files2/090104-youmean859fj498rmdf.jpg


And this are the apllications:

http://server5.uploadit.org/files2/090104-jf84jdf84i111111111.jpg


http://server5.uploadit.org/files2/090104-u56ned8mm43ie2222.jpg

i think svchost.exe is MS generic host process for win32 services

Flashing is normal. Just means that your firewall is operating normally. Some people have their download / upload meters flashing different colours according to what their PC is doing, i.e red for d/l green for u/l. Don't worry it's all good!

:lol: I repeat , i don't download/ upload anything , just browsing this forum and the icon is flashing red all the time.

I think all the sytem32\*.exe as they are all system files (i think)

damn it SH :angry: :P you used uploadit to post, huh? :lol:
think i still got it blocked in my ip list :lol:
cant see the screenshots :lol:

and svchost is a windows process, not sygate :)
with many different services running under it if i remember right :unsure:

and a flashing tray icon means attack,
or what sygate considers an attack antway <_<

If i don&#39;t get a reply for this problems / attacks/ flashing icon in red all the time i think i will get back the old Norton. :(

Originally posted by FKDUP74@9 January 2004 - 20:48
damn it SH :angry: :P you used uploadit to post, huh? :lol:
think i still got it blocked in my ip list :lol:
cant see the screenshots :lol:

and svchost is a windows process, not sygate :)
with many different services running under it if i remember right :unsure:

and a flashing tray icon means attack,
or what sygate considers an attack antway <_<
Now is flashing red again , and i don&#39;t use Uploadit. :(

hold on, let me take off some ip blocks so i can see you r screenshots,
and see what i can find out.............

http://server5.uploadit.org/files2/090104-attack85940304304.jpg

Check this out

http://www.adriancomputers.com/OT/attack2222222222224565rfrtrt.jpg

Originally posted by sharedholder@9 January 2004 - 19:55
http://server5.uploadit.org/files2/090104-attack85940304304.jpg
FFS DID YOU EVEN READ MY POST???

I didn&#39;t say it was your upload or download that was causing this.. it&#39;s packets of data flowing to and from your PC. Trust me, it is ok.

If you really believe this software is sh*t, then uninstall it. Why don&#39;t you post your log up on here and I&#39;ll tell you where you&#39;re losing the plot.

wtf? i thought you checked the "hide notifications" box?


any way, block EVERYTHING except for:
1. internet explorer
2. generic host processes
(your browser needs these for the net, nothing else)

the nt kernel or none of that sh*t needs access :)
the nt kernel, in fact, was supposed to be an avenue for attacks i think
if i find the articles i read i&#39;ll post em :)

I don&#39;t believe is shit , i love it but why Norton doesn&#39;t warns me every five seconds about those attacks and Sygate done it ?

i&#39;ll see what else i can dig up,
but heres some links for a start
http://search.yahoo.com/search?fr=slv1&ei=...&p=sygate+forum (http://search.yahoo.com/search?fr=slv1&ei=UTF-8&p=sygate+forum)

THE RED FLASHING IS STOPPED &#33; :lol: I removed all the allowed applications and now is stopped. The icon now flashing only on blue or gray. :D

heres another for reccomended rule sets,
type in your f/w&#39;s name and search :)
http://www.pcflank.com/fw_rules_db.htm

Originally posted by sharedholder@9 January 2004 - 13:10
THE RED FLASHING IS STOPPED &#33; :lol: I removed all the allowed applications and now is stopped. The icon now flashing only on blue or gray. :D
:01: :clap: :P :D :lol:

Yes but why ? cause i don&#39;t understand where&#39;s the trick ?

Originally posted by sharedholder@9 January 2004 - 13:14
Yes but why ? cause i don&#39;t understand where&#39;s the trick ?
aww, come on man, cant you just be happy with the results instead of askin why?
:P :lol: :lol: :lol:

How do i get rid of adds with Sygate ? I don&#39;t want another add-blocker.

Ok, look there was NOTHING WRONG with your version. Would you like me to send my version of Sygate to you? It will PROMPT you to allow/disallow programs on your PC accessing the Internet. You can set these as you wish.

All the flashing was, was packets of data being transmitted through your PC.

Currently, I have about 6 using the service...


IE6
Generic Host Process
NT Kernal & System
NDIS User Mode
StatBar
WinMX

ooh, that one you&#39;ll have to work at :(
you can do it through the advanced rules,
the klite and emule ip blocklists is a good way to start
go to bluetack and convert em and put em in advanced rules :)
for what that doesnt cover, i use fastnet99 to get ad sites&#39; ip&#39;s and put em in :)

the draw back is that some of the ip&#39;s in klite and emule lists
may be some sites you want to see
if thats the case, you gotta do some editing :(

I thought i asked you to post your LOGS aswell???

I would like your TRAFFIC, SECURITY, PACKET & SYSTEM LOGS uploaded to show me ALL activity.

Please post these for further help.

logs? :huh:

http://www.allroutes.to/logging/hut.jpg

I give up. I can&#39;t be bothered to help those that need help.

Originally posted by Samurai@9 January 2004 - 14:04
I give up. I can&#39;t be bothered to help those that need help.
:lol: come on bro, just hain some fun with ya :P
the probs already solved
and if your tray icon is flashing red,
thats sygates way of saying your being what it considers attacked
and you dont need to have NDIS or nt kernel allowed
i dont, and my pc&#39;s fine for browsing, p2p, you name it
got 10 or 11 people uploading from right now on emule

in fact, like i told SH, the nt kernel is a known avenue of attack
i&#39;d block it if i were you ;)

i just read through this thread and i noticed u all allow generic host process for windows 32 services access &#33; why ? ive got it blocked as it wanted to get access to the net by itself and why should it do that ?

:blink: blocked and still browsing the net? :blink:
everything ive always been told was that ghp had to have access
for functional net blah blah blah...... :blink:

i keep its icon hidden

why dont you try sygate forum page, its very helpfull. explains everthing regarding your problem.

Originally posted by FKDUP74@10 January 2004 - 14:52
:blink: blocked and still browsing the net? :blink:
everything ive always been told was that ghp had to have access
for functional net blah blah blah...... :blink:
yeh im browsing the net no probs at all . ive blocked nt kernel+ system, lsa shell and the generic host process as they all wanted to access the net even as i was not using a browser so i dont see why they need to get connected to internet. I once heard that it was these processes that actually connect to microsoft telling them what u have on your pc ( that is if u have xp ) ie hardware and stuff

wanna test ya firewall?...go to this thread and lets see how many people pass the test of tests



http://klboard.ath.cx/index.php?showtopic=93125&hl=