A Security Alert appears when a firewall rule matches incoming or outgoing information. This may be an Internet attack, a Trojan horse, or legitimate activity such as someone on your local network attempting to share files or printers. Not all Security Alerts are indications that your computer is under attack. Some harmless communication may match firewall rules and trigger Security Alerts.
A computer with the IP address [IP address] sent information that matches the [Firewall Rule Name] firewall rule.
Firewall rules control how your computer is protected from malicious incoming traffic, programs, and Trojan horses. The firewall automatically checks all data coming in or out of your computer against these rules. When a computer attempts to connect to your computer, or when your computer attempts to connect to a computer on the Internet, the firewall compares the type of connection with its list of firewall rules. Firewall rules are processed in a set order based on their types. System rules are processed first, followed by program rules, and then Trojan horse rules. Once a rule that blocks or permits communications is matched, all remaining rules are ignored. In other words, additional rules that match this type of communication are ignored if they appear below the first rule that matches.
When incoming or outgoing communication matches a firewall rule, the firewall immediately takes whatever action is specified in the rule. You do not need to take any additional action.
If a firewall rule is blocking legitimate connection attempts, you can modify or remove the rule. To modify or remove a General or Trojan Horse rule
To modify or remove a Program rule
|