Re: sonicwall port configuration
From: Kevin W. Miller (abuse@premier1.net)
Date: 04/25/02
- In reply to: jameson: "sonicwall port configuration"
From: "Kevin W. Miller" <abuse@premier1.net> Date: Wed, 24 Apr 2002 19:31:11 -0700
jameson,
Let me take a stab at this although there are many out there better at this
than I am.
It sounds as if you wish to keep the world out of your LAN... assuming that
this is so then you should have a rule that says something like "Deny
Default WAN to LAN". This blocks all traffic from the WAN to your LAN. If
you have this rule and haven't added any others that allow some port or
service from WAN to LAN then you're well on your way. You can note and
ignore the port scans that you see logged. You probably also have a rule
that says "Allow Default LAN to WAN". This rule allows your users to
initiate anything from the LAN (HTTP, FTP, Chat, Streaming Audio etc). You
can use the "Access/Add Service" area to deny certain services to your LAN
users. For instance, adding the rule "Deny File Transfer (FTP) LAN to WAN"
to the above two rules would prevent anyone on your LAN from FTPing anything
from the Internet yet allow them everything else. You could then add a rule
that says "Allow FTP LAN (YourAdminComputerIPAddress) WAN". This would then
allow only the specified computer to use FTP. All others would remain
blocked.
I agree with you on your assessment of the Sonicwall. One thing I really wish
they'd add, though, is a way to add comments to the rules so that 6 months
down the road you could look back at the comment and maybe remember what you
intended to achieve with a particular rule!
HTH,
Kevin W. Miller
"jameson" <jazzmannzho@yahoo.com> wrote in message
news:447e40a9.0204241130.1580961d@posting.google.com...
> OK, I love my sonicwall firewall, it does great. It does a fine job
> for my network (A high school, 250 users). But I am kind of new to all
> this configuring. Today I had about 30 possible port scans to ports
> that are unassigned on my network. In my firewall config screen, under
> "Access/Add Service" I have these listed:
> Web (HTTP)
> File Transfer (FTP)
> Send Email (SMTP)
> Retrieve Email (POP3)
> Name Service (DNS)
> Ping
> Key Exchange (IKE)
> Morpheus
> AIM
> Gnutella
> MSN Messenger
> some ftp thing
> Quake
> Half-Life
> port scan
> unknown port
> another unknown port
> block these ports
> Default
>
> I have so many listed with their proper port number so that I can deny
> those particular ports, the ones that are being allowed out are web,
> smtp, pops, ftp, and DNS.
> But I want to just list the ONLY ones I want going in and out, surely
> I don't have to list EVERY port I want blocked! How can I just list the
> ones I want to ALLOW!
> thanks!
> jazz mann
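
The four rules described in the reply above can be modelled to check what they permit. This is an added example, not part of the original post and not SonicWall's own logic: the "most specific matching rule wins" ordering, the `decide` helper and the sample IP addresses are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

ANY = ip_network("0.0.0.0/0")

@dataclass(frozen=True)
class Rule:
    action: str        # "allow" or "deny"
    service: str       # service name, or "default" for any service
    src_zone: str
    dst_zone: str
    src: object = ANY  # source network; ANY when the rule names no host

    def matches(self, service, src_zone, dst_zone, src_ip):
        return (self.src_zone == src_zone and self.dst_zone == dst_zone
                and self.service in ("default", service)
                and ip_address(src_ip) in self.src)

    def specificity(self):
        # Assumption: a named service outranks "default", and a narrower
        # source outranks a wider one.
        return (self.service != "default", self.src.prefixlen)

ADMIN_IP = "192.168.1.10"  # constructed stand-in for YourAdminComputerIPAddress

RULES = [
    Rule("deny", "default", "WAN", "LAN"),   # Deny Default WAN to LAN
    Rule("allow", "default", "LAN", "WAN"),  # Allow Default LAN to WAN
    Rule("deny", "ftp", "LAN", "WAN"),       # Deny FTP LAN to WAN
    Rule("allow", "ftp", "LAN", "WAN", ip_network(ADMIN_IP + "/32")),
]

def decide(service, src_zone, dst_zone, src_ip, rules=RULES):
    """Return the action of the most specific rule matching this connection."""
    hits = [r for r in rules if r.matches(service, src_zone, dst_zone, src_ip)]
    if not hits:
        return "deny"  # nothing matched: fail closed
    return max(hits, key=Rule.specificity).action

if __name__ == "__main__":
    # Constructed sample connections: (service, from zone, to zone, source IP)
    for case in [("http", "WAN", "LAN", "203.0.113.5"),
                 ("http", "LAN", "WAN", "192.168.1.50"),
                 ("ftp", "LAN", "WAN", "192.168.1.50"),
                 ("ftp", "LAN", "WAN", ADMIN_IP)]:
        print(case, "->", decide(*case))
```

With the two default rules alone, nothing inbound is accepted and no per-port deny list is needed; the FTP pair shows how a narrow allow overrides a broader deny for one host.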