Managing Ports and System Services using BT NetProtect Plus firewall To work properly, certain programs (including web servers and file-sharing server programs) must accept unsolicited connections from other computers through designated system service ports. Typically, BT NetProtect Plus closes these system service ports because they represent the most likely source of insecurities in your system. To accept connections from remote computers, however, the system service ports must be open. System service ports can be configured to allow or block remote network access to a service on your computer. These system service ports can be opened or closed for computers listed as Home, Work, or Public in you re My Network Connections list. The list below shows the common system services and their associated ports: Common Operating System Port 5357 File Transfer Protocol (FTP) Ports 20-21 Mail Server (IMAP) Port 143 Mail Server (POP3) Port 110 Mail Server (SMTP) Port 25 Microsoft Directory Server (MSFT DS) Port 445 Microsoft SQL Server (MSFT SQL) Port 1433 Network Time Protocol Port 123 Remote Desktop / Remote Assistance / Terminal Server (RDP) Port 3389 Remote Procedure Calls (RPC) Port 135 Secure Web Server (HTTPS) Port 443 Universal Plug and Play (UPNP) Port 5000 Web Server (HTTP) Port 80 Windows File Sharing (NETBIOS) Ports 137-139 BT NetProtect Plus will automatically manage these ports for you and we strongly recommend you let BT NetProtect Plus do this. But you can open and close ports so a service can be accessed or denied by other computers on your network and the internet. Add a Service You can add a trusted, standard, or public computer connection and its associated IP address. 1. Double-click the M icon in your taskbar 2. Click Navigation and select the Firewall link
3. Click on Ports and System Services. Click Add Note that the checkbox on the left hand side of the screen means that Open ports are applicable only to Home and Work networks only 4. Enter the System Service Name - for example, File Transfer Protocol (FTP), Ports 20-21
5. Enter the System Service Category - for example, System Ports 6. Enter the Service Description for example, FTP Server Ports
7. Enter the Local TCP/IP Ports for example, 20-21 8. Enter the Local UDP Ports for example, 1900 (the setting for Universal Plug and Play). Note that in this example no UDP ports are opened and so the field is left blank 9. Open ports to either:
All PCs set to all All PCs in this example. PCs in Work and Home Networks only 10. Select option for Forward port activity to other PCs using Ethernet Connection Sharing. System service ports can also be configured to allow a computer to share its internet connection with other computers connected to it through the same network. This connection, known as Internet Connection Sharing (ICS), allows the computer that is sharing the connection to act as a gateway to the Internet for the other networked computer. Note that in this example no port forward activity is selected and therefore the check box is blank.
11. Click Save
Edit a Service You can edit a trusted, standard, or public computer connection and its associated IP address. 1. Double-click the M icon in your taskbar 2. Click Navigation and select the Firewall link 3. Click on Ports and System Services. Select the service you wish to edit. Click Edit 4. Edit the System Service Name for example, File Transfer Protocol (FTP), Ports 20-21
5. Edit the System Service Category for example, System Ports 6. Edit the Service Description for example, FTP Server Ports
7. Edit the Local TCP/IP Ports for example, 20-21 8. Edit the Local UDP Ports for example, 1900 (the setting for Universal Plug and Play)
9. Edit open ports to either All PCs PCs in Work and Home Networks only
10. Edit option for Forward port activity to other PCs using Ethernet Connection Sharing. System service ports can also be configured to allow a computer to share its internet connection with other computers connected to it through the same network. This connection, known as Internet Connection Sharing (ICS), allows the computer that is sharing the connection to act as a gateway to the Internet for the other networked computer. 11. Click Save
Remove a service You can remove a trusted, standard, or public computer connection and its associated IP address. 1. Double-click the M icon in your taskbar 2. Click Navigation and select the Firewall link 3. Click on Ports and System Services. Select the service you want to remove. Click Delete 4. Select Yes when the dialogue box pops up. ( Are you sure you want to delete this system service? ) If unsure select No For more help with BT NetProtect Plus, go to http://www.bt.com/help/netprotectplus