Re: Programmatically Change Rules for Sygate Firewall?

From: Casey (Casey_at_nosuch.net)
Date: 10/22/04


Date: Fri, 22 Oct 2004 19:24:53 GMT

In article <deb4d4c2.0410220926.798cf181@posting.google.com>, prothe113@yahoo.com says...
> I'm a programmer, and in my spare time at home, I've been writing a
> streaming MP3 server in C#, in order to develop my C# skills (I'm a
> veteran C++ coder, and .Net is a new world to me) and also so that I
> can access my rather large MP3 collection from work using an HTTP
> stream. Don't worry, this isn't asking about how to write a web
> server -- I've already done that, and it works great.
>
> The problem is Sygate -- I love the firewall; I'm actually MUCH
> happier with the way Sygate operates than I was with ZoneAlarm.
> However, I get the feeling that the Sygate home firewall wasn't really
> designed for people coding their own network servers.
>
> Every time I recompile my server and run it, I have to manually
> re-allow it to pass the firewall. I've tried everything I can think
> of to get around this, and nothing works -- I use a particular
> hard-coded port for entry, and I've tried the (rather crude) tactic of
> simply allowing all traffic from all hosts on that port, but Sygate
> _still_ wants me to re-validate the server app every time I change the
> binary. This is frustrating because I make changes at home and then
> start it up, and then when I hit it at work it's blocked while Sygate
> is waiting for me to allow or deny the traffic -- which means that
> every time I recompile it, I have to wait at least one working day
> before I can hit my home MP3 cache again. A day without music!
> ARRRGH!
>
> I like the anti-hijacking and anti-trojan stuff in Sygate -- I don't
> want to just disable all of that. I'm fully aware that, from a
> security standpoint, Sygate is doing _exactly what it should be doing_
> for my app. But is there a way that I can tell Sygate that for this
> one particular app, it should "trust it" -- that is, ignore changes in
> the binary and always let it through?
>
> Thanks in advance for anyone who's got suggestions on this.
>
> -- Tom
>
Hi Tom. This is way over my head, but I'll try a wild WAG.
When writing the server, could you temporatily include an option
that would permit it to work out through a local proxy.
(such as Proxomitron) Install Proxo and Allow it in app. rules.
Setting the server to work through proxo. This in effect
would give the server an open door right through Sygate.
Casey



Relevant Pages

  • Re: Port 80
    ... Went to Sygate to purchase and download the Sygate Pro ... >> server to return a bogus Server header in order to not leak ... Select SP1a from Windows Update area and install. ... Then go back to WU and install all critical updates. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Sygate: why isnt it registering any attacks when I used to get 30-60/day with ZA?
    ... >>> I haven't figured out how to do that on Sygate yet, ... >> Open the applications list and select an application and highlight it. ... >> on the page that opens the Act as Server box is ticked. ... All apps work just fine without it. ...
    (comp.security.firewalls)
  • Programmatically Change Rules for Sygate Firewall?
    ... can access my rather large MP3 collection from work using an HTTP ... server -- I've already done that, ... The problem is Sygate -- I love the firewall; ...
    (comp.security.firewalls)
  • Re: Microsoft Windows Firewall
    ... > I use Sygate at home, but i also tried to use it on a server at one time. ... There is sure something wrong with your firewall. ... only to be recognized by the XP SP2 security center, ...
    (comp.security.firewalls)