Tom's Guide | Tom's Hardware | Tom's Games
 |
 |
 |
Hi all,
I’m running Sygate Personal Firewall 5.0 on a Compaq DeskPro EN 450MHz computer with 128MB and a 10GB harddrive.
I’m in a bit of a quandry…my firewall configuration doesn’t appear to do what it should.
First of all, there are two applications that cause me the most grief: CFD.exe and Tgcmd.exe. CFD.exe is a file from Broadjump Client Foundation; software that corresponds to my cable modem. Tgcmd.exe is the Real Networks System Tray.
The problem is that I have these applications BLOCKED; both in their individual application rulesets, AND in their individual Advanced rulesets. The Advanced Ruleset blocks these programs from ALL HOSTS, denies access to ALL Ports and Protocols, affects ALL Network Adaptors, and operates when Screensaver Mode is Both On and Off. The firewall Security Level is set to Normal.
Even with what I think is a thorough configuration these programs still manage to send and receive unauthorized packets. For example, during a session I will get several pop-up messages stating that “Application Client Foundation has been blocked, file name is CFD.exe”. However, when I check the Applications Details screen I see that additional packets have been sent and received by the program. Furthermore, the columns that read “Incoming Blocked” and “Outgoing Blocked” show zero packets being blocked.
Then, when I check the Connections Details screen I see that Local Ports 1024 thru 4020+ are being used to establish connections over the internet. How can I fully block all my ports? I was under the impression that my Advanced Ruleset would accomplish this.
In any event, how can I effectively configure my firewall to block all applications other than those for my internet connections (i.e. – IExplorer, Cable, and Aol)? Also, how can I block (and STEALTH) all of my Ports – particularly the Upper Ports?
All help is appreciated.
Ej1
Open up Sygate and click Applications (at the top) this will list the applications that you want to allow, click the ones you do not want and right click put a check by BLOCK tHIS WILL BLOCK, AND WHEN YOU GET A POP UP THAT ASKS YOU A QUESTION read careful sometimes it says do you want to allow yes or no (this is on the screen) that is if you have ASK, and on the bottom right hand corner a pop up says when they blocked something, and setting it to Norm will give you a blocked port or Steath, go to www.pcplank.com? and test, I will get back to you do not know if this is the correct url....Sygate really is easy just confusing when you first start with it, you can also (while you are online) click the logo in taskbar call up logs and right click one that you are in doubt and backtrace it may be your exp.
0 
Ok, its www.pcflank.com, you can run a outside test also open up Sygate and there is a test buttom also, hope this helps... I have Call Wave (internet Answering Machine)& Internet Explorer and those are the only applications allowed. also go to http://grc.com and download a program called NO Share, thats if you have need for sharing your files, read what the program is for you can access this program by scrolling to the end of his web page and click on free stuff, I have several of his programs (leak test) also is nice.
0
Sue,
Thanks for responding.
I checked the programs in Applications List. Both Cfd.exe and Tgcmd.exe are showing "Blocked" in the list. However, they still slip through the firewall.
I've tested my firewall at Sygate's SOS site, where it does show that my ports are stealthed. But "Incoming" and "Outgoing" packets from those programs continue to breach my firewall with no regard.
My attempts to use PcFlank's test have proved useless since the site can only see my ISP's DNS server ip address, and not my computers IP address.
Any more thoughts on this?...I appreciate them all.
Thanx.
0
Look at thisProgram Name: CFD
Executable Name: CFD.exe
Required: No
Comments: BroadJump Client Foundation. Broadband troubleshooting software installed by various companies. Not required and you can remove it via Add/Remove programs
http://www.lafn.org/webconnect/mentor/startup/PENINDEX.HTM
0
ejl, when you look at the above site: you can do what I said for the Cfd file but don't delete by mistake the other one until you do a search on Google and read all about it, it looks like both of these were installed by you dsl (I assume you have it) earthnet, when you give authorization to get connected to internet thus dsl, it is software from them or your dsl site, I seen some where if you delete the Tgcmd.exe you won't be able to connect so don't but read just put in the search at googlehttp://www.google.com/search?sourceid=navclient&ie=UTF-8&oe=UTF-8&q=Cfd%2Eexe+in+xp and then look up the
0
Thanks Sue,
You've been very helpful. I did confirm the Cdf.exe program at another site, and wil delete it shortly. But first I'll copy and rename it - just in case I should need to replace it.
As for Tgcmd.exe, I'm still debating.
Just out of curiosity, why do you suppose Sygate doesn't block all the packet transmissions by Cfd.exe - as viewed in the Connections Detail screen?
Thanks again.
ej1
0
I don't have dsl, but I have dial up and because I allow it to dial up I am allowing the software that goes with it to access, I would imagine that dsl is the same way when you allow the cable to access the net all software that goes with it probably is allowd too, you know like you can't allow 1/2 of a program to connect and the other 1/2 not too...This may not be the reason I am just guessing, but that is why I had you check both web sites for steath or blocked ports, since you have Sygate thought maybe they had some way of telling you the untruth, but since pcflank said the same I Know its not SYGATE'S fault at all, it is doing its job, I would post this on the reg forum too SAY (WHAT IS TGCMD.exe SpyWare?} and do all the search's you can on it and check with the dsl people or your isp, because I do not have dsl I don't understand its connection or software program I would also state DSL in the question then the people with DSL will reply and state your isp in there too, but hope you read some of the websites on this, I would not delete till ya know....Good Luck and you do run a sypware program don't you like AdAware & Spybot Search & Destroy for Trojans get both I run both and check when I get off or before I go on the Internet (NOT that I have anything important on my computer I just hate spying and tracking)...Good luck...Sue
0
Hi Sue,
Thanks again for the insight.
You've raised some interesting questions. Looks like I now have some research to do.
I chose Sygate because I wanted control over configuring my firewall...unlike with ZoneAlarm. But, I'm learning that,'if it's worth having, you gotta work at it'.
In any event...Thanks alot Sue.
ej1
0
Once I updated my Norton Virus dat files I keep getting a message that there is a "malicious" script by the name of "tgsmd.exe" on my computer. What should I do with this file. I see that it is located in a number of areas on my computer
0
I too have the same problem, when I updated my Norton Anti-virus DAT files, I have the same error pop-up with regards to the TGCMD.exe ! seems strange.
0
When Windows XP starts up I get a message from Norton Anti Virus that says there is a "malicious" script called "tgcmd.exe" on my computer.I have found this on my Support.com program and other programs but I don't if I should delete it.Does anyone know how to fix this problem?
0
I too have the malicious script tgcmd.exe that started last thursday dec 5.
Does anyone know how to fix this problem?
0
Same story here! Norton flags it as a malicious script and the only thing I've done with it is stop the action because you can't isolate it.
I did have a potential contact with a virus but it was detected by Norton when I forwarded it from an aol account to my eartlink account.
I ran a search for the tgcmd.exe file on my computer but wasn't able to find anything.
0  |
 |
 |
This post is quite old and has been locked from receiving new replies. Please create a new posting instead.
| Ads by Google |
