Bd Internet Security 2009 - Firewall Problem

Hi


I was wondering if someone can assist me.


I'm running BD Internet Security 2009 on an XP machine. I'm also accessing the web using Firefox V3


Everytime I try using Google search, the firewall blocks access to the Google Search results.


In fact, the only way I can do searches now is to switch off the Firewall for a duration.


Can anyone suggest how I can overcome this.


Cheers


Michael

Comments

  • Hello Michael,


    Do you get any alerts/warnings/messages from BitDefender?


    What exactly happens when you say you are "blocked"?


    Cris.

  • Hello Michael,


    Do you get any alerts/warnings/messages from BitDefender?


    What exactly happens when you say you are "blocked"?


    Cris.


    Hi Cris


    Thanks for the reply. I dont get any message at all from Bitdefender. All i get is a message within Firefox saying that it cant load the pages.


    Then, when I turn off the firewall, it works fine and the pages are all downloaded (pretty quickly)


    This seems to happen on the Google search pages, Google Calendar, and Seek Jobsearch pages.


    Havent noticed it happening on other pages. And given that I've got the Firewall off all the time now so I can do standard surfing, I havent noticed any other blocks. I've currently got XPs standard firewall running now.


    M

  • alexcrist
    alexcrist
    edited December 2008

    Please go to BitDefender Security Center (Advanced) -> Firewall -> Rules and check all rules for firefox.exe to see if anything blocks any traffic.


    Also, check the Network tab (in the Firewall) and see what level of Trust is set for your network card.


    If you can't find anything blocking access, go to the Activity tab, select Increased Log Verbosity, close the security center, try to access some pages (some pages that are blocked), then go back to the Activity tab and click Show log. Check at the bottom of the log file to see if anything is blocked, and why If anything is blocked by the firewall, it should say something like:



    <date/time> <BD filter/module> Blocked packet for / from <something> because of <reason>. Direction: <direction>, Local Address: <IP-port>, Remote Address: <IP-port>, Protocol: <protocol number>, Local Packet: <number>, PID: <PID>, Process: <process>, Cmd. Line: <cmd line>.
    or something similar to this.


    Cris.

  • Please go to BitDefender Security Center (Advanced) -> Firewall -> Rules and check all rules for firefox.exe to see if anything blocks any traffic.


    Also, check the Network tab (in the Firewall) and see what level of Trust is set for your network card.


    If you can't find anything blocking access, go to the Activity tab, select Increased Log Verbosity, close the security center, try to access some pages (some pages that are blocked), then go back to the Activity tab and click Show log. Check at the bottom of the log file to see if anything is blocked, and why If anything is blocked by the firewall, it should say something like:


    or something similar to this.


    Cris.


    Hi Cris


    Thanks again... I did as you said, and got the following:


    2008/12/05 00:33:04.812 [bDFTDIF][FILTER] Blocked packet for / from closed port because of stealth settings. Direction: Inbound, Local Address: 192.168.0.101-4552, Remote Address: 74.125.19.83-80, Protocol: 6, Local Packet: 0, PID: FFFFFFFF, Process: , Cmd. Line:


    Could you suggest what I'm doing wrong?


    M

  • Packets blocked because of stealth settings are incoming connections (as seen in the Direction:Inbound parameter, which means "incoming connection"). These packets are blocked by BitDefender because a server tried to access a closed port (in other words, it was an unsolicited packet).


    Stealth settings shouldn't affect browsing (or other types of requested network communication) because, as I said, it blocks only unsolicited packets.


    Are there any other lines in the log, which show blocked packets from other reasons than "stealth settings"?


    If you want to check if "Stealth" is actually the source of your problems, go to Firewall -> Settings -> Advanced settings and uncheck Block port scans. Also, go to Firewall -> Network and set the Stealth setting to Off.


    I really don't recommend these settings if you have a direct connection to the internet (as it exposes your computer, making it visible for anyone), but just for the sake of testing disable them for a short time to see if it makes any difference.


    Cris.

  • Try disabling the BitDefender Firewall NDIS FilterDriver under properties for the Local Area Connection. Under Vista for the longest time accessing yahoo email, google searches and internet would be very slow. By disabling it, everything is working fine and there my firewall, all shields still up.


    Packets blocked because of stealth settings are incoming connections (as seen in the Direction:Inbound parameter, which means "incoming connection"). These packets are blocked by BitDefender because a server tried to access a closed port (in other words, it was an unsolicited packet).


    Stealth settings shouldn't affect browsing (or other types of requested network communication) because, as I said, it blocks only unsolicited packets.


    Are there any other lines in the log, which show blocked packets from other reasons than "stealth settings"?


    If you want to check if "Stealth" is actually the source of your problems, go to Firewall -> Settings -> Advanced settings and uncheck Block port scans. Also, go to Firewall -> Network and set the Stealth setting to Off.


    I really don't recommend these settings if you have a direct connection to the internet (as it exposes your computer, making it visible for anyone), but just for the sake of testing disable them for a short time to see if it makes any difference.


    Cris.

  • Disabling the BitDefender NDIS Filter Driver makes the firewall useless, as it won't be capable of filtering any traffic from the network adapter. Please leave that filter enabled, unless you know exactly what you are doing.


    Cris.

  • Hi Cris,


    I should have read your post before deinstalling NDIS Filter :ph34r:. When I try to reinstall it, I get the (German) message: "Die angeforderte Komponente konnte nicht hinzugefügt werden. Fehler: Der angegebene Dienst wurde zum Löschen markiert." I try to translate: "The requested component couldn't be added. Error: the service was tagged for deleteing". How can I get the BD NDIS Filter reinstalled?


    Regards, lutz

  • Hello lutz,


    Well, reinstalling the driver is a little tricky.


    First of all, reboot your computer (if you haven't already done so). After that, follow the steps described HERE, with the following observations:


    • The two patches are BAT files, which have to be saved into your computer and then ran. To save them right click on the link, and select Save target as
    • Step E has to be performed in SafeMode. So, at Step D, when you are told to reboot your computer, reboot in SafeMode (reboot, press F8 multiple times during boot, and, when the BootMenu appears, select Safe Mode). After Step E, reboot normally.
    • During Step E, Windows might alert you about some unsigned drivers being installed. Click Install anyway (or Continue installation, or whatever the approval message is :D ).


    Cris.

  • Thanks Cris for your helpful instructions.


    The patches are EXEs, not BATs, but it worked. Everything's running again.


    Could you please give me an answer for another question I asked anywhen: How can I save all my BD TS settings and rules for possible future reinstalls?


    Regards, lutz

  • alexcrist
    alexcrist
    edited December 2008
    The patches are EXEs, not BATs, but it worked. Everything's running again.


    For a very long period of time those patches were BAT files.


    Because many users had problems saving/running them, I guess they decided to make the patches EXE files (which I didn't know). Thanks for correcting me.


    Could you please give me an answer for another question I asked anywhen: How can I save all my BD TS settings and rules for possible future reinstalls?


    2009 versions don't yet have an Import/Export function, unfortunately.


    Cris.

  • But maybe there are some files that can be saved manually?


    lutz

  • Hi Cris


    Still no good, mate. I've tried everything you've said, and still not able to access Google search.


    I'm a little stumped with this one. The only way I can get search to work is by disabling the Firewall... I'm using Window's built in firewall at the moment.


    Cheers


    M

  • It's very weird, indeed. Especially because BitDefender doesn't block access to any specific domain names (it can only block IPs, or ports).


    Try to reset the BitDefender Firewall rules, and see if it fixes anything: Firewall -> Rules -> Reset rules.


    Also, what other modules do you have enabled in BitDefender? (Parental Control, Privacy Control...)


    Cris.