Lavasoft FAQ pages
Search
Search results
We found 17 FAQ entries matching your search criteria.
If your serial number/registration key/activation code has been lost, there is a quick and easy way to get it back.
1. Log in to the Support center: http://www.lavasoft.com/support/supportcenter/
2. In the left menu, under 'Support Center', select 'Your Licenses'.
3. Here you will find your license info. Below your license you can find a letter icon: 'E-mail Serial Number' and clicking it will automatically send an email with the serial number to your registered email address.
Note: the 'E-mail Serial Number' notification email may be filtered as spam. Please, check your spambox/ junkmail
Below is a detailed description of each group of rules given in the order they affect and control incoming or outgoing traffic.
| Rules | Description |
| Plug-Ins (Components) | Personal Firewall plug-ins(components) that can affect connection (i.e. block or allow it), control network data before any rules
processing starts and can therefore take priority over any other rules. For example, an intruder will be blocked by the Attack
Detection plug-in (component) regardless of whether his IP address belongs to a Trusted network. Among such
plug-ins (components) are Attack Detection, IP Blocklist, BlockPost, SuperStealth. Plug-ins (components) process traffic according to the
order of their registration in Personal Firewall's kernel driver. Built-in Personal Firewall plug-ins(components) process traffic before
third-party plug-ins of the same priority.
Note: All other plug-ins (components) do not affect connection and have equal priority. They process traffic after all rules are processed according to the order of their registration in Personal Firewall's kernel driver. Built-in Personal Firewall plug-ins (components) process traffic before third-party plug-ins of the same priority. |
| Application/Global Rules with the "Ignore Component Control" flag set | In Personal Firewall 3.0 the Ignore Component Control flag increases a rule's priority,
but disables component checks for that application, so it should be used sparingly.
This flag allows you to override NetBIOS and Trusted zone rules if necessary. It can also be used to avoid the data transceiving delay required for component checks as some processes can malfunction if given such delays. |
| Trusted/NetBIOS Zones | If the source or destination IP address lies within a network/subnet designated as Trusted, then traffic will be allowed. If NetBIOS is allowed to or from those addresses, then only traffic to or from NetBIOS ports on those addresses will be allowed (TCP ports 137-139, 445 and UDP ports 137-138). |
| Global NetBIOS Blocking Rules | Traffic to NetBIOS ports (TCP ports 137-139, 445 and UDP ports 137-138) is blocked, because traffic sent to or from a NetBIOS zone would have been matched by the Trusted/NetBIOS Zones rules above, so would not reach these global rules. |
| Global Rules with the "High Priority" flag set | Personal Firewall 3.0 allow for global rules to be Marked as High Priority. Such
rules are processed before Application Rules, so this option should be used only in cases where certain network
traffic is to be blocked completely.
Note: According to the current Personal Firewall architecture, if the Ignore Component Control flag is set for a global rule, the High Priority flag for this rule does not affect the rule's priority. |
| Application Rules (Blocked/Trusted/Partially Allowed) | Traffic to or from applications in the Trusted applications group is allowed. Traffic to or from applications
in the Blocked applications group is blocked.
If an application from the Partially allowed applications group is sending or receiving traffic, its rules are then evaluated to see if they specifically allow or block traffic in the order they are specified in the Options > Application > Edit > Modify Rules list (top-down). Application rules can only be set for TCP or UDP traffic. Other protocols can only be handled via global rules (except for ICMP, which is handled separately; see ICMP Rules). Note: These groups have equal priority since an application cannot be in two or more groups at the same time. |
| Low-Level Rules | These rules control system traffic transferred by protocol drivers that use IP protocols other than TCP or UDP, transit packets, and other non-application traffic that cannot be controlled at the application level. |
| Global Rules | These rules are applied for all traffic that has not matched any of the previous sections. Rules for protocols other than TCP and UDP can only be set here by selecting the subtype of IP protocol. |
| ICMP Rules | These rules handle ICMP activity on a type-by-type basis according to the settings in Settings > Firewall > Network Rules > ICMP Settings... window. |
| Allow Outgoing NAT Packets to Internet | If Personal Firewall detects that ICS (Internet Connection Sharing) is in use, then this rule and Allow Incoming NAT Packets from LAN will be applied. Packets coming from a network listed in LAN Settings to an outside address and replies coming back are allowed by these rules. |
| Personal Firewall Policy | When no rules have been matched and the packets are local (either the destination or source address matches a network interface
on the PC), the current Personal Firewall policy takes precedence.
Allow Most mode will allow the traffic that is not specifically blocked by Personal Firewall rules. Block Most mode will block traffic that is not specifically allowed by Personal Firewall rules. In Rules Wizard mode, if a connection is requested that uses some "other" (non-TCP, UDP, ICMP) protocol, a pop-up dialog box will ask whether the connection should be allowed or blocked. If the traffic is TCP/UDP and can be linked with an application, a dialog box will ask whether this application activity should be allowed or blocked. TCP/UDP traffic that cannot be linked with an application ("system" traffic) will be blocked with the reason Reject Connection to Port Opened by System. Note: While a dialog box is waiting to be answered, the outgoing connections are frozen and incoming connections are blocked (the reply given will then apply to the next incoming connection that matches the rule created). |
| Allow Incoming NAT Packets from LAN | See Allow Outgoing NAT Packets to Internet. |
| Block Transit Packets | This is applied when neither the destination nor the source IP addresses match those of any of the system's network interfaces (i.e. the network packet is passing through the system to somewhere else). Such packets are blocked (with the reason Block Transit Packets given in the Personal Firewall log). |
Before closing a port, ensure that it is actually open.
You should also determine whether the port is used by an application or the system in order to select the appropriate way to close it. This information is displayed on the Open Ports (Used Ports) page.
If you see that an application is using the port and you want to block the connection of the application through this port, you need to create a rule for this particular application.
If the port is opened by the system or you cannot identify which application opened it, it is possible to close the port globally. However, you should remember that closing a port globally may lead to negative consequences, as far as legitimate network activity might be blocked as well.
To close an open port for a specific application:
* Make sure Personal Firewall is not running in Disabled or Allow Most mode.
* Open Personal Firewall's main window and click Used Ports in the left panel.
* Look down the Local port column of the information panel and search for the port number you want to close, for example "XYZ".
* Right-click the process using that port in the Process Name:Process ID column. Select Create Rule for Application to create a rule for the application that opens this port. Personal Firewall fills in all the required data automatically; you only need to specify the action to be performed when the rule is triggered.
* In the Rule transcript field, click the keyword of the rule action and select Block. You can optionally select Report this activity in the Specify rule options field.
* Name the rule, so that you can remember it later (in the Rule name field) and click OK to save the rule. You should now see the new rule in the list of the application rules (Settings ? Network Rules, double-click the application in the list). Important: If there are other rules for the same application, select the rule you have created and click the Move up button until the rule appears at the top of the list. Click OK and then Apply.
* Verify that the port scanner can now detect the port.
To close an open port for the whole system:
* Make sure Personal Firewall is not running in Disabled or Allow Most mode.
* Click Settings ? Network Rules ? System-Wide Rules ? Low-Level Rules.
* Click Add to create a new rule.
* In the Rule transcript field click the IP keyword in the Where the protocol is line and specify the TCP protocol.
* In the Select the event the rule will handle field select the Where direction is and Where local port is events.
* In the Rule transcript field click the Undefined keyword next to and direction is and specify the Inbound connection direction.
* In the Rule transcript field click the Undefined keyword next to and local port is and specify the port number.
* In the Rule transcript field click the keyword of the rule action and select Block.
* In the Specify rule options field select Mark rule as High Priority. You can optionally select Report this activity as well.
* Name the rule, so you can recognize it later, (in the Rule name field) and click OK to save the rule.
* You should now see the new rule in the list of low-level rules.
* Verify that the port scanner can now detect the port.
Note: A port should not always be blocked. For example, if you are operating a web/FTP server for public usage, the ports used by the server need to be open, so your server can be accessed and a port scanner will (and should) detect these ports as open. If these ports are closed, your users will not be able to "see" your web/FTP server. Also, be aware that some ports can be blocked by your Internet provider (for example, 139, 137, 135, 80) which may cause incorrect results of an online scan of those ports.
Open the e-mail message that contains the license key and select all the text between "Registration key begins" and "Registration key ends" using your mouse (click before the first character in the first line of the key and while holding down the left mouse button move the mouse to the last character in the last string of the key, release the mouse button when you have highlighted the entire key as shown in the picture below).
# Right-click anywhere inside the highlighted text and select Copy from the shortcut menu to copy the license key to the Clipboard (a generally invisible area used for Copy and Paste actions).
# Select Start ? Programs ? Lavasoft ? Lavasoft Personal Firewall and click Enter Registration Key. In the Enter Key window, click the Paste button and your registration key (which you copied to the Clipboard in step 2) will be inserted into the blank box from the Clipboard.
# Click OK to save the key and close the dialog to complete the registration process
You can log in to download a new copy of Lavasoft Personal Firewall here.
When logged in, select your product from "Your licenses" ? "Download software".
Double-click the file once downloaded and follow the on-screen instructions in the Installation Wizard to install
Click 'Finish' to complete the installation and to launch Lavasoft Personal Firewall
As long as you hold a valid license, you can log in to download the latest version of Lavasoft Personal Firewall here.
When logged in, select your product from "Your licenses" ? "Download software".
Double-click the file once downloaded and follow the on-screen instructions in the Installation Wizard to install
Click 'Finish' to complete the installation and to launch Lavasoft Personal Firewall
Ensure that the Rules Wizard firewall policy is on, by right clicking on the Firewall icon in the Windows System Tray and and going to Firewall Policy. This will help you control all the connections that do not come under any rule.
If the problem persists
In the product's main window click Event Viewer. See what is blocked and why (in the Allow/Block Reason column). Modify the appropriate rule.
If this does not help, temporarily disable the Lavasoft Personal Firewall product protection and check if the application is still blocked. To currently disable the product protection, right-click the product icon in the system tray and select the Suspend Protection option. Select the period of time for suspension and click OK.
Check if the application is still blocked,if it is, click Settings ? Network Rules. If you see the application in the Blocked list, drag it to the list of Custom Access. If it is already in the Custom Access list, drag it to Trusted.
If you have had to change your hard disk or reinstall the product on your computer during the license period, you can use your registration key. You just need to insert your registration key in the corresponding dialog box. The licensing term will not be changed, this is defined at time of purchase. For further assistance, please log-in here.
Licensing term starts: when your 25-character activation key is issued shortly after the purchase is confirmed. It does not depend on the exact time when you enter it into the corresponding program's dialog box. For license purchasing information please contact sales@lavasoft.com
For further pricing/multiple license information please contact sales@lavasoft.com
In order to Install Lavasoft Personal Firewall you will need to be logged in to Windows as an Administrator or have sufficiant rights on your Windows user account. Some user accounts may not have sufficiant privilages. If you are unsure, contact your system Administrator or the person who has installed Windows on your computer.
The license agreement you sign after purchasing Lavasoft software grants you the right to use the software for the duration of your licensing period. The product you install, automatically checks for the license agreement and determines the licensing period based on the license key. The product can have only one active license key. After a licensing term is complete, the components and modules update function are no longer available for the Lavasoft Personal Firewall software. If you have no current license key or if a trial key has expired, the application will not download updates. For further information please contact sales@lavasoft.com
* When you come to the last step of the Configuration Wizard, select No, I will restart the computer later and open the Lavasoft Personal Firewall settings. Click Finish: * Select the Network Rules page and click System-Wide Rules. Select the Low-Level Rules tab * Create the allowing rule for incoming TCP packets to local port 3389 and mark this rule as High Priority: * Click OK and move the rule to the top of the list: Note, that if this rule is not created, you will not be able to connect to the computer remotely after it is restarted at the end of the Lavasoft Personal Firewall installation.
It is is difficult to predict what ports and addresses will be used by any peer-to-peer client such as Skype or others. Creating a set of rules for the ports most often used by the application will most likely restrict its network access, multiple connection prompts will be displayed if working in Rules Wizard mode or some application data will be blocked. We recommend putting such applications into the Trusted applications group. If you use this application on a daily basis, you should more or less trust it, so putting it into the Trusted applications group will not compromise your security. To add an application to the Trusted applications group: * Click Settings on the toolbar. * Select the Trusted group on the Firewall ? Network rules page. * Click Add, browse to the application executable, and click Open. * Click OK to save. To minimize risk and avoid any exploitation of possible vulnerabilities in this software, we recommend updating your applications regularly by downloading and installing new versions or software updates from their vendors.
What exactly do you mean by "automatic application of program network access rules"? With this system, rules that govern how various applications on your computer access the Internet will be automatically configured and applied based on the extensive default settings worked out by experts for each of the most popular software packages people use. This eliminates a lot of decisions a user has to make when a new connection is initiated on their PC. It relieves the end-user of having to correctly (and more importantly securely) configure the security product to handle different programs' access. Before this innovation, inexperienced users reported difficulties managing their firewall, but the addition of automatic rules creation makes working with the program amazingly simple by actual user reports and reviews. Advanced users (who understand the inner workings of network traffic) can choose to disable this option during installation of Personal Firewall or on the Policy tab of the Settings menu for Lavasoft Personal Firewall
Lavasoft Personal Firewall may perform along with some other security products, but not with all of them. Lavasoft Personal Firewall will definitely not perform with security products containing firewalls. Therefore make sure that you delete such programs before installing Lavasoft Personal Firewall. The number of firewalls is constantly growing, below is a list of the most used products incompatible with Lavasoft Personal Firewall: * ActiveArmor Firewall (nVidia Network Access Manager) * AGAVA Firewall * Armor2net Personal Firewall * AtGuard * BlackICE Defender * Check Point Firewall * Comodo Firewall Pro * Danware NetOp Firewall * F-Secure Internet Security/Antivirus * F-Secure Internet Shield * Jetico Personal Firewall * Kaspersky Anti-Hacker * Kaspersky Internet Security * Kerio Personal Firewall * Look 'n' Stop * McAfee Personal Firewall * Norton Internet Security * Panda Platinum Internet Security * PC Firewall * Quick Heal Firewall Pro * R-TT R-Firewall * Rising Personal FireWall * Secret Surf Firewall * Softwin Bitdefender Pro * Sophos Clien Firewall * Sygate Personal Firewall * Tiny Personal Firewall * TheGreenBow TGB::BOB * Trend Micro PC-cillin Firewall * ZoneAlarm Security Suite Lavasoft Personal Firewall is incompatible with the following security products: * BWMeter (Desksoft Network packet filter driver) * NetLimiter Pro Lavasoft Personal Firewalls partial performance with some of the listed products is possible only if you disable firewalls as well as other tools for controlling network traffic contained in those products. However, in such cases Lavasoft does not guarantee stable operation of its software.
Yes, Lavasoft Personal Firewall can be installed on a server, but we do not recommend it. Lavasoft Personal Firewall is designed specifically to run on user workstations connected to a LAN (Local Area Network) or the Internet. Lavasoft Personal Firewall does not provide several important functions that a server firewall must provide and all of its presets are applicable to workstations. A server firewall needs very different application traffic filtering settings, so if you install Lavasoft Personal Firewall on a server with the default settings, much of the useful traffic to and/or from your server will be blocked by default. In addition, a server firewall needs to be able to create rules based on different network adapters being used by the various workstations connected to the server. Moreover, some plug-ins do not affect transit traffic through a server. You can install Lavasoft Personal Firewall on a server so it provides some firewall functions, but - for performance optimization - you must perform the following steps. * Disable Host Protection to prevent popup prompts for user reaction every time an application component or critical system object is changed and an application performs some system activity (click Settings ? Host Protection and clear the Enable Host Protection check box). * Disable Blocking private data transfer on the ID Block page. * Switch off the Rules Wizard mode and select either Allow Most or Block Most. * Disable logging (clear the Log debugging information check box on the Logs page).
