cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Firewall automatically grants full access

I have been using McAfee products for quite a few years and in the last couple years the products has become more and more frustrating to use as a "power user."

My major gripe now, and if not resolved will cause me to cut my ties with McAfee, is that the firewall seems to grant full access to applications without asking permission. I just built a new system and added McAfee Total Protection, and went to configure the firewall. I set it to Traffic Contoller: Stealth. And in Smart Advice and Advanced Settings I have tried both unchecking Smart Advice and checking it with "Ask me to decide" marked.

The new system is a Win XP SP 3.

After I experienced this, I went to my other system, Win 7 Pro and also tested it. The firewall there now seems to automatically grants access to applications too. Previously I was able to get it set to asked me for application access at one point, after much frustration playing with settings. But it seems that it no longer asks permission before granting access anymore.

I am questioning the purpose of McAfee firewall, it doesn't seem to function anymore, it's just there to make users "feel" safe, while not performing any function at all. It definitly isn't blocking access...it just lets applications have access without asking for permission.

The only way I can "Manually" set firewall permissions is to contantly check the firewall settings to see what applications have been given access and then to manually set it to block. The solution seems rather pointless, becuase any malicious program will do its damage faster then I check the settings.

Is there a solution to this, to have the firewall ask permssion for application access rather than automatically granting it? Or is this a new feature for McAfee so as not to burden the user with a choice?

Update: Lets now add to the frustration level. Ok, so previous to installing "Total Protection" I was able to map drives on the new system and share files. When I tried after the install, no more file sharing (I guess the firewall does block something). So I check the settings, Windows File Sharing ports 137-139 are checked to allow, the IP range for both computers is listed as Home network...still no file sharing. So I just decide to disable the firewall...still no file sharing.

So lets add this to the list of quesitons to be resolved, why is the firewall blocking file sharing when I have set it to be allowed?

You would think this would be something simple to set up becuase this is something users would normally do between computers on a home network.

Message was edited by: annoyeduser on 12/18/12 9:32:21 PM CST
4 Replies

Re: Firewall automatically grants full access

Strange I have my 12.1 version set to monitored acess and it pops up and asks to allow utorrent and peerblock just today after a new install. What version have you got if not 12.1 maybe update to it if your version is a mcafee subscription ie not from an ISP or say a partner such as Dell as some hold back upgrades till they test them. Ok if you have XP 12.1will not as yet install on it  sorry missed that.

Re file sharing mine was working but not at the moment I can read the Pcs just not cpy to them. I have not chased up if Mcafee a cause but I feel not as there would have been a wave of posts re this.You said with firewall off still no sharing.

Maybe a reinstall clearing all Mcafee files by

http://service.mcafee.com/FAQDocument.aspx?lc=1033&id=TS101331

reboot then run

http://download.mcafee.com/products/licensed/cust_support_patches/Mcpreinstall.exe

and reinstall from your account

You also can call support as well but try above First. I will privately ask a firewall developer to read your post as well

Message was edited by: Peacekeeper on 20/12/12 5:54:01 AM
lixiao
Level 7
Report Inappropriate Content
Message 3 of 5

Re: Firewall automatically grants full access

Well, first I will try to explain how Firewall decides application permissions. For each new application that was trying to access network and was unknown to Firewall, it will follow logic below:

  • If VirusScan is present and Firewall’s NetGuard feature is ON, Firewall is going to give the application full permission. The assumption is made based on On-Access Scanner will catch the malware (if the application was), and NetGuard will prevent the application from making connections to malicious IP addresses (even if the application itself might be legitimate, e.g. IE).
  • If VirusScan is present but NetGuard is turned off, Firewall will only give the application out-bound permission.
  • If VirusScan is not present, Firewall will literally prompt for everything.

However there is one exception: if the application meets following conditions:

  • It has an embedded digital signature that can be verified by Windows (e.g. if you right click on the executable properties and view the digital signature, its certificate can be chained up to a good root CA);
  • The company who signed the application is known to McAfee, e.g. Microsoft, Google, etc., note that the list of such companies are extremely short;

Firewall will give full permission to these applications automatically based on the assumption that 1) they came from well-known sources,and 2) their network traffic will still be subject to NetGuard inspection. One typical example is Google Chrome, it has updates every few weeks, it is digitally signed by Google and majority users don’t want Firewall prompting for each of them, not to mention that NetGuard (or Site Advisor) will check each web site they make connections to.

Right now there is no setting on UI to allow user to turn off this signature-based trusting, as we haven’t heard much complaining about it. Please check whether the applications which were given full permission by Firewall under Stealth settings fall into this category. For applications not with a digital signature from a trusted signer, Firewall will prompt them under Monitor and Stealth security settings.

Now move on to File Sharing. In 12.1, Firewall introduced a new feature internally we call it automatic sync. It works like this: if user turned on remote desktop, media streaming or file and printer sharing in Windows, McAfee Firewall will make changes automatically to its settings in order to make these features working without the need from user to change McAfee Firewall settings manually. The automatic sync will turn on or off corresponding system service rules automatically and add additional ports if necessary.

If you are having issue with File Sharing, please check following:

  • File Sharing is turned on in Windows;
  • File Sharing rule is enabled (checked) in McAfee Firewall;

If you are still having issue with File Sharing, please send us diagnostic logs with following steps:

  • Visit http://beta.mcafee.com/betamcafee/McTrace.aspx, download McTrace.exe onto your computer, launch it and click on Next button;
  • From another machine, try to access shared folders on the first computer;
  • Back to first computer and click on Stop buttonon McTrace, it will create MCLOGS.zip on the desktop;
  • Please send MCLOGS.zip to me (I will send you a private message in the forum shortly with my work email address).

Best regards

on 19/12/12 3:55:53 EST PM

Re: Firewall automatically grants full access

Thank you for the explanation on how the firewall decides permissions. It would be nice to have a setting to turn off the signature-based trusting. Privacy/personal information has become a commodity these days for all companies, it would be nice to have the option to set it to ask for permission for access no matter what. This is something that used to occur with the firewall, but not anymore.

I will have to look at the settings for File sharing, I have not had a chance to look at it after reading your email.

lixiao
Level 7
Report Inappropriate Content
Message 5 of 5

Re: Firewall automatically grants full access

Actually no functionality change was made with regards to the application prompting. It is just because Microsoft started signing their binaries and so did Google to Chrome, as result we added these two companies into trusted signer list. We will raise the question of disabling signing trust.

How Many Badges Can You Collect?
Ready for a little competition? Members like you are earning badges and unlocking perks for their helpful answers. Are you? Click here to find out.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community