Cannot see all
of a Web page when NIS or NPF is installed
Situation:
When you go to specific Web pages, not all of the page is displayed. If
you disable some features of Norton Internet Security (NIS) or Norton
Personal Firewall (NPF), all of the page is displayed.
Solution:
This problem happens when NIS or NPF has been configured to block scripts,
ActiveX controls, Java applets, referral information, or advertisements.
ActiveX controls and Java applets can be blocked by customizing your
security settings from the main interface. To find out whether this is the
problem, read the section "Customized settings."
All of these security features (scripts, ActiveX controls, Java applets,
referral information, and advertisements) can be blocked by specific Web
rules. These rules are located in the Advanced Options of the program. For
scripts, ActiveX controls, Java applets, and referral information, see the
"Web rules" section of this document.
For advertisements, see the document How to create a rule to override
default ad blocking.
Customized settings
1 - Open your Symantec desktop Internet security or firewall product.
2 - Click Security.
3 - Click Custom Level. The "Customize Security Settings" window appears.
4 - Look at both the Java applet and ActiveX boxes. If either or both are
set to block, lower the security level and then click OK. (In the example
above, Java applets are being blocked.)
5 - Try to connect to the Web page again.
Web rules
If elements of the Web page are still being blocked, there may be a Web
rule that is blocking scripts, Java applets, Active X controls, or
referrer information.
1 -Open NIS or NPF.
2 - Click Options, and then click Internet Security (or Personal
Firewall).
3 - Click Advanced Options.
4 - Click the Web tab.
5 - Click "Add Site."
6 - Type the URL for the Web site that contains that Web page. For
example: www.test.com may be the Web site that contains the page
www.test.com/samples/sample1.html.
7 - Click OK. This step adds an entry to list for that Web site. Note that
if the Web site was already listed, this action does not add another
entry.
8 - In the left frame, click the name of that Web site.
9 - In the right frame, click the Active Content tab.
10 - If Script is set to Block, change the setting to Permit (or to "Allow
all script to execute," depending on your NIS or NPF version).
11 - If the first box for Binary Executables is set to Block, change the
setting to "Allow Java applets to execute."
12 - If the second box for Binary Executables is set to Block, change the
setting to "Allow ActiveX controls to execute."
13 - Click the Privacy tab.
14 - Look at the checkbox "Use these rules for <name of Web site>".
* If the box is not checked, then
this setting is not blocking referrer information. Continue with step 16.
* If the box is checked and the
Referer box is set to Block, change the setting to Permit.
15 - Click Apply, and then click OK. This closes Advanced Options.
16 - Click OK again, and then close the program.
Technical Information:
How Referrer information blocks portions of Web pages
When you open a Web page that includes graphics, the Web server for that
page may use the referrer information to display the graphics. This
happens when those graphics are stored on a different Web server than the
one you are visiting. In this situation, the first Web server sends a
request to the graphics Web server to obtain the graphics. The request
includes the referrer information. The referrer information enables the
graphics Web server to send the graphics to the correct location.
When you block the referrer information, the graphics Web server cannot
send the graphics to the correct location, and you do not see the graphics
that your current Web server would normally display.
How Ad Blocking blocks portions of Web pages
The advertisements that NIS and NPF block are often parts of Web pages,
rather than entire Web pages. NIS and NPF know which parts are
advertisements because the advertisements use specific coding. NIS and NPF
compare the coding on the Web page against the NIS or NPF default list of
advertisement codes to determine whether a part of the Web page is an
advertisement.
When a code on the Web page matches a code in the NIS or NPF list, NIS and
NPF block that part of the Web page. To configure NIS or NPF to allow that
part to be displayed for any specific Web page, see the document How to
create a rule to override default ad blocking.
Related information
Web sites do not load
images after applying the 4.0.3 update for NIS or NPF
Situation:
After installing Norton Internet Security (NIS) or
Norton Personal Firewall (NPF) 2002, or after applying the 4.0.3 update to
NIS or NPF, you notice that some Web sites do not display images.
Solution:
This problem happens because the affected Web sites
display the images by first sending information to another server and then
obtaining the images from that server. The information that the Web sites
send is called referral information. For security, NIS and NPF
prevent Web sites from sending your referral information to other servers.
To resolve the problem, create a rule for each affected Web site to allow
the site to send referral information.
1 - Determine the
address of the Web site that shows the problem. Typical addresses are
similar to "www.bob.com" or "ads.acme.com."
2 - Add the Web
site to the list of sites that NIS and NPF monitor:
a - Open NIS or NPF.
b - Click Options, Internet Security, and then Advanced Options.
c - Click "Add Site."
d - Type the site name and click OK. This adds the new site to the Web
list.
3 - Change the
options for the Web site:
a - Choose the site
that you just added in the Web list.
b - Click the Privacy tab.
c - Choose "Permit" in the "Referer" section that is in the "Browsing
Privacy" section.
d - Click Apply, OK, and then OK again.
4 - Close NIS or
NPF.
5 - Restart the
computer.
When you next visit that Web site, the Web site
displays all its images.
Passing referrer information
to specific Web pages in Norton Internet Security™ and Norton Personal
Firewall™ 2002 and earlier
Situation:
This document explains how to allow Norton Internet
Security or Norton Personal Firewall to pass referrer information to a
specific Web page. This document applies to Norton Internet Security or
Norton Personal Firewall version 2000, 2001 and 2002. See the Note below
if you have version 2003 or 2004.
Solution:
If you want to allow referrer information to pass to
a particular Web page, you must create a rule for it.
Note:
For instructions on passing referrer information with Norton Internet
Security or Norton Personal Firewall 2003 or 2004, read the document
Passing referrer information to specific Web pages in Norton Internet
Security and Norton Personal Firewall 2003 and 2004.
To create a rule
1- Open Norton
Internet Security or Norton Personal Firewall.
2 - Click Options.
3 - Click Internet Security or Personal Firewall. (This step is not always
needed.) The Options window appears.
4 - Click Advanced Options.
5 - Click the Web tab.
6 - Click Add Site. A new site/domain box appears.
7 - Enter the name of the site that you want to receive the referrer
information and click OK. That site name appears in the left frame of the
Advanced Options window.
8 - Click the name of the new site.
9 - Click the Privacy tab.
10 - Check the "Use these rules for..." box.
11 - Change the Referrer from "Block" to "Permit." Your screen should look
something like this:
12 - Click Apply,
and then click OK.
13 - Click OK to close the Options window.
Technical Information:
How referrer
information works
Referrer information is information that a Web site sends to another Web
site when you click a link on the first Web site to open the second Web
site. When you click a Web page, your browser makes a note of the current
page you are on and sends that information to the server of the new Web
page. This way, the server for the new Web page knows the last Web page
you viewed.
If you block referrer information, the server of the page you are
requesting to see does not know what page you saw last. By default, Norton
Internet Security and Norton Personal Firewall block referrer information.
However, some Web pages require referrer information before allowing you
to view the page.
For example, if you are on www.symantec.com and click www.microsoft.com,
the browser sends information to the server www.microsoft.com. The
information includes the fact that you are currently viewing the site
www.symantec.com. If you block referrer information, the server
www.microsoft.com does not "know" that you were previously at
www.symantec.com. If the server www.microsoft.com required this
information, your browser would not display the Web page at
www.microsoft.com, and you might see an error message.
How to allow users access to
certain sites without requiring authentication
Situation:
You want to know how to allow access to a particular site or group of
sites that do not use authentication.
Solution:
Before you begin the configuration, if you have not already downloaded and
applied the NT650-1 hotfix, you must to do so. This hotfix allows you to
use domain names in rules. You can download it from the
Symantec Support Web site.
After you have downloaded and applied the hotfix, follow these steps
1 - Open the RMC.
2 - To create a host entity based on domain name, click Base Components,
right-click Network Entities, click New, and then click Host.
3 - Click the General tab.
4 - Type a name for the host entity.
5 - Click the Address tab.
6 - Enter the host's FQDN (fully qualified domain name), ex.
hostname.domainname.com, and then click OK.
7 - Click Access Controls, right-click Rules, click New, and click Rule.
8 - Click Inside Interface under "Connections Coming in Via" from
drop-down list.
9 - Select the Internal Subnet for Source.
10 - Select the Network Entity you created for the domain name as the
Destination.
11 - Click Outside Interface under "Coming out via."
12 - Click the Services tab, and double-click the http* service to move it
to the Included Services list.
If the site uses HTTPS, click http*, click Configure, and then configure
the settings accordingly.
13 - Click the Authentication tab and be sure None is selected. Click OK.
14 - Save and reconfigure the Firewall by clicking the floppy disk on the
icon bar. |
