It’s not always easy to tell whether a program really needs the rights and privileges of a server.
When your firewall alerts you that an application wants to act as a server, you have two simple ways to determine the correct response.
Find out why a program wants server status
Maurice Carson ran into one of those all-too-common, half-explained firewall queries:
- "What about programs wanting to ‘act as a server’? I have ZoneAlarm as a firewall, and many programs want to act as a server. Why?"
First, let’s define the jargon. A "server" is a program that responds to a request from another program to open a connection, send or receive a file or data, launch a program, or perform some other task. A "client" is a program that makes such a request.
Technically, client and server programs can reside on the same machine. Security risks come into play when the client and server are on separate networked machines. Some programs are both clients and servers, while others -- known as "standalone applications" -- are neither.
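The same-machine versus networked distinction above shows up in the address a server program listens on. The following is an added example, not part of the original article: it parses Windows `netstat -ano` output and labels each listening program as reachable only from the local machine or from the network. The sample output, addresses and PIDs are constructed, and the function names are illustrative.

```python
import ipaddress

# Constructed sample of Windows `netstat -ano` output (addresses and PIDs are made up).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       1044
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING       3120
  TCP    192.168.1.20:139       0.0.0.0:0              LISTENING       4
  TCP    192.168.1.20:52344     203.0.113.10:443       ESTABLISHED     7712
  TCP    [::]:445               [::]:0                 LISTENING       4
  TCP    [::1]:49670            [::]:0                 LISTENING       5000
"""


def classify_listener(local_address):
    """Return (port, exposure) for a netstat local address such as '[::1]:49670'."""
    host, _, port = local_address.rpartition(":")
    host = host.strip("[]").split("%")[0]  # drop IPv6 brackets and any zone id
    ip = ipaddress.ip_address(host)
    if ip.is_loopback:
        exposure = "local-only"        # only clients on this machine can connect
    elif ip.is_unspecified:
        exposure = "all-interfaces"    # 0.0.0.0 or :: accepts clients from any network
    else:
        exposure = "one-interface"     # reachable through that specific address
    return int(port), exposure


def listening_servers(netstat_text):
    """Return one dict per TCP socket in LISTENING state (a program acting as a server)."""
    found = []
    for line in netstat_text.splitlines():
        fields = line.split()
        # TCP rows have exactly 5 columns: proto, local, foreign, state, pid.
        # The header row and non-listening connections are skipped.
        if len(fields) != 5 or fields[0] != "TCP" or fields[3] != "LISTENING":
            continue
        port, exposure = classify_listener(fields[1])
        found.append({"pid": int(fields[4]), "port": port, "exposure": exposure})
    return found


if __name__ == "__main__":
    for s in listening_servers(SAMPLE_NETSTAT):
        print(f"PID {s['pid']:>5}  port {s['port']:>5}  {s['exposure']}")
```

On a live system, pass in the real output of `netstat -ano` and look up each PID in Task Manager to see which program owns the listener.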
ZoneAlarm and other security tools are especially suspicious of any program that wants to act as a server, because letting other PCs request data or services from your system is obviously risky. The firewall has no way of knowing whether the request to act as a server is legitimate, so it punts the decision to a human -- you.
The simple, empirical way to respond to a program’s request to act as a server is to choose the "No" or "Deny" option (or whatever verbiage your security tool uses) every time. Denying the request is always safest; you’ll never reduce your security by blocking a program’s request for server rights.
Saying no may cause some necessary features or functions of the program to stop working, however. In these cases, the application really does need to act as a server. You can then adjust your security tool’s settings accordingly.
The "default to No" method is crude but effective. I prefer to figure out why a particular program might need to respond to a client’s request for a file or other resource. For example, it’s pretty clear that the Skype voice-over-IP (VoIP) tool needs to act as a server in order to respond to incoming phone calls. Likewise, if you use a file-sharing app that makes your PC part of a network for receiving and redistributing files, acting as a server is part of the deal.
In cases like these, you’d let the software in question act as a server. But keep in mind that it’s always more dangerous to allow server requests. Doing so opens a path into your PC for outside service requests. Of course, this may be necessary for the software to work as intended.
If you don’t recognize the would-be server program or don’t understand why it’s making a request to act as a server, do a little research. If possible, query a search engine with the exact wording of the relevant part of your security tool’s message, and include the name of the program making the server request. Odds are many other people have asked about the same program and the answer is just a few clicks away.
If you can’t find an answer online, fall back to the empirical method. Or, as I’d put it more simply: "When in doubt, lock it out, but if it breaks, raise the gates!"