I have been using McAfee products for quite a few years and in the last couple years the products has become more and more frustrating to use as a "power user."
My major gripe now, and if not resolved will cause me to cut my ties with McAfee, is that the firewall seems to grant full access to applications without asking permission. I just built a new system and added McAfee Total Protection, and went to configure the firewall. I set it to Traffic Contoller: Stealth. And in Smart Advice and Advanced Settings I have tried both unchecking Smart Advice and checking it with "Ask me to decide" marked.
The new system is a Win XP SP 3.
After I experienced this, I went to my other system, Win 7 Pro and also tested it. The firewall there now seems to automatically grants access to applications too. Previously I was able to get it set to asked me for application access at one point, after much frustration playing with settings. But it seems that it no longer asks permission before granting access anymore.
I am questioning the purpose of McAfee firewall, it doesn't seem to function anymore, it's just there to make users "feel" safe, while not performing any function at all. It definitly isn't blocking access...it just lets applications have access without asking for permission.
The only way I can "Manually" set firewall permissions is to contantly check the firewall settings to see what applications have been given access and then to manually set it to block. The solution seems rather pointless, becuase any malicious program will do its damage faster then I check the settings.
Is there a solution to this, to have the firewall ask permssion for application access rather than automatically granting it? Or is this a new feature for McAfee so as not to burden the user with a choice?
Update: Lets now add to the frustration level. Ok, so previous to installing "Total Protection" I was able to map drives on the new system and share files. When I tried after the install, no more file sharing (I guess the firewall does block something). So I check the settings, Windows File Sharing ports 137-139 are checked to allow, the IP range for both computers is listed as Home network...still no file sharing. So I just decide to disable the firewall...still no file sharing.
So lets add this to the list of quesitons to be resolved, why is the firewall blocking file sharing when I have set it to be allowed?
You would think this would be something simple to set up becuase this is something users would normally do between computers on a home network.
Strange I have my 12.1 version set to monitored acess and it pops up and asks to allow utorrent and peerblock just today after a new install. What version have you got if not 12.1 maybe update to it if your version is a mcafee subscription ie not from an ISP or say a partner such as Dell as some hold back upgrades till they test them. Ok if you have XP 12.1will not as yet install on it sorry missed that.
Re file sharing mine was working but not at the moment I can read the Pcs just not cpy to them. I have not chased up if Mcafee a cause but I feel not as there would have been a wave of posts re this.You said with firewall off still no sharing.
Maybe a reinstall clearing all Mcafee files by
http://service.mcafee.com/FAQDocument.aspx?lc=1033&id=TS101331
reboot then run
http://download.mcafee.com/products/licensed/cust_support_patches/Mcpreinstall.exe
and reinstall from your account
You also can call support as well but try above First. I will privately ask a firewall developer to read your post as well
Well, first I will try to explain how Firewall decides application permissions. For each new application that was trying to access network and was unknown to Firewall, it will follow logic below:
However there is one exception: if the application meets following conditions:
Firewall will give full permission to these applications automatically based on the assumption that 1) they came from well-known sources,and 2) their network traffic will still be subject to NetGuard inspection. One typical example is Google Chrome, it has updates every few weeks, it is digitally signed by Google and majority users don’t want Firewall prompting for each of them, not to mention that NetGuard (or Site Advisor) will check each web site they make connections to.
Right now there is no setting on UI to allow user to turn off this signature-based trusting, as we haven’t heard much complaining about it. Please check whether the applications which were given full permission by Firewall under Stealth settings fall into this category. For applications not with a digital signature from a trusted signer, Firewall will prompt them under Monitor and Stealth security settings.
Now move on to File Sharing. In 12.1, Firewall introduced a new feature internally we call it automatic sync. It works like this: if user turned on remote desktop, media streaming or file and printer sharing in Windows, McAfee Firewall will make changes automatically to its settings in order to make these features working without the need from user to change McAfee Firewall settings manually. The automatic sync will turn on or off corresponding system service rules automatically and add additional ports if necessary.
If you are having issue with File Sharing, please check following:
If you are still having issue with File Sharing, please send us diagnostic logs with following steps:
Best regards
on 19/12/12 3:55:53 EST PM
Thank you for the explanation on how the firewall decides permissions. It would be nice to have a setting to turn off the signature-based trusting. Privacy/personal information has become a commodity these days for all companies, it would be nice to have the option to set it to ask for permission for access no matter what. This is something that used to occur with the firewall, but not anymore.
I will have to look at the settings for File sharing, I have not had a chance to look at it after reading your email.
Actually no functionality change was made with regards to the application prompting. It is just because Microsoft started signing their binaries and so did Google to Chrome, as result we added these two companies into trusted signer list. We will raise the question of disabling signing trust.
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.
Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership: