In Part One of my article on Securing your PC I recommended Sunbelt Personal Firewall. This is a companion article on how to use Sunbelt.

I recommend reading the entirety of this article before downloading Sunbelt, with that in mind the first step is obviously going to be to download the program. After that the installation is quite simple. Double click on the icon, accept the license, and then select your installation location. After that you get to the only choice you have in the program installation, Basic or Advanced. I recommend that you choose Advanced because this will give you the most control over the firewall and how it works, and once you’re done with this article you’ll be ready for that, even if you aren’t now. Click next a couple more times and tada. Firewall is installed. At this point choose to Reboot LATER. Now go and disable the Windows Firewall by clicking START -> Control Panel ->Security Center -> Windows Firewall, and choosing Off. Now once you’ve read the rest of the article you can reboot.

When your system reboots and Sunbelt starts it’s going to do a lot of yelling at you at first. If you’ve deported the troublemakers then you can check the ‘Create a rule for this event and don’t ask me again’ box and click ‘Permit’ for each item that comes up.

Once you have clicked your way through this barrage of items you may be left with a box that keeps popping up over and over that looks like this:

If that happens it means you have a process on your pc that is doing something potentially bad. It doesn’t mean you are infected, or compromised, or that some evil Hacker is invading your computer. It just means some software isn’t following the rules. The software in my example is for my Logitech Quickcam. Completely legitimate, but doesn’t follow the rules, so the Firewall is intercepting it. To stop this behavior click the Details button and look at the file location. Find out what the .exe file is and then open the Task Manager, find that EXE and kill it for now, then write the name down somewhere for later.

When you connect to your network Sunbelt will also ask you if the connection is “Trusted” or not. If you are connecting to the internet then the answer is always “NO!”. The internet is not to be trusted. A trusted network would be one with no internet access and which is populated by people you trust. Hence the name. Now you should have cleared all of the pop up boxes from the Firewall and be ready to continue. Now go ahead and open all of your favorite programs one at a time. The ones you use every day like Firefox, Outlook, Pidgin, Yahoo Messenger, AIM, iTunes, etc… this will give you a chance to check the “Create a rule…” box and “Permit” for each one of those applications. Now with that done from this point on you are going to be VERY suspicious of anything that your firewall warns you about.

Adding Exceptions and Configuring your Firewall

You will notice that down in the bottom right hand corner of your desktop, right near the time, is a small blue shield. This is Sunbelt. Double click on that shield and you get the overview screen.

From here you can see which applications are making connections at the moment. You can also click down to Network Security where you can check which applications are trusted and which are not, as well as the action that Sunbelt will take for each program. At the bottom of the list is an entry that defines what Sunbelt does with any program that doesn’t have a specific action. You will also notice the “Network Security Mode” checkbox at the top of the screen; if you uncheck that then the firewall will stop monitoring your network connections. You can change the action by clicking on the symbol to the right of the program in the desired column. For example if I wanted to set Internet Explorer to Deny when on the Internet I would click on the “Ask” symbol twice and change it to “Deny”. If I need to change it back I can click again to return it ti “Ask” and once more to make it “Permit”. I can also select an application and click the “Edit” button to control other behavior like User Alerts and logging. An application doesn’t appear on the Overview until it’s been detected by the firewall at least once. To the left you’ll notice a button that says “Stop All Traffic” this button slams the gates, brings up the drawbridge and readies the boiling oil. If something has gotten past your defenses and is calling in re-enforcements this button will put a stop to that nonsense while you repel the invaders. The other important button is the Web button on the left. This button brings you to a screen where you have the option to enable and disable advertisements, pop-up ads, and other web content like java and activeX. On the Privacy tab you can block cookies, disallow web site history tracking and protect your private data. The last tab there is the very important Site Exceptions where you enter the address of sites that you want to allow everything for. I highly recommend adding http://www.techemperor.com to your exceptions list.

Now, remember that file you wrote down WAY up at the top? It’s time to do something with that. Take the name and search for it using our friends at LIUtilities, once you know what applications the file is being used for go to Start -> Control Panel -> Performance and Maintenance -> Administrator Tools -> Services now find the process that uses the file and double click on it, then choose Manual from the drop down box and click apply. This will stop the program from starting when your PC does. If everything you use continues to work normally then you can leave this item disabled. If something DOESN’T work, then petition me for aid and include the name of the file and the application information from LIUtilities and I will see if I can help you resolve it.

Now you have Sunbelt configured you are well on your way to having a safe and secure system. If you’ve been enlightened by this article please