Re: Firewall and Home Network

From: ThomBa (BarnaThomas@netscape.net)
Date: 11/22/02 

From: BarnaThomas@netscape.net (ThomBa)
Date: 22 Nov 2002 13:19:15 -0800

David and Bob,
Thanks for your replies.

I'm afraid that I don't know the status for outgoing. Only that the
router should block all incoming even though the in/outgoing FW
options are disabled.

Can you explain what the meaing of incoming is? Does it mean all
traffic to my system or does it mean just attempts to establish a
connection to my system?

In the configuration I have a FW option where I can enable in- and/or
out-going FWs. For each direction I can choose allow/deny all
in/outbound traffic except a number of configurable IPs and/or port
numbers.

The manual says the incoming FW will only apply for DMZ and local
"virtual servers (ftp/http...)"

I tried setting the outgoing firewall to deny all except
20,21,25,110,119 and 443. This blocked all communication for web and
mail. Now I deny only 137-139. I am going to check with my ISP for any
required ports, guess I should have done that long ago.

Yes the FW has a logging function that gives me info like:
Friday, November 22, 2002 21:10:01 Unrecognized access from
4.62.124.65:1029\
        to UDP port 137
Friday, November 22, 2002 21:37:12 Unrecognized access from
62.255.196.93:1026\ to UDP port 137

I am a bit confused here and hope you can spare me a few more minutes
on this

TIA,
Tom

"David" <davidwnh@adelphia.net> wrote in message news:<4yUC9.47231$6g.7866747@news1.news.adelphia.net>...
> Tom,
> Is this router configured by default to allow all outgoing or to block all
> outgoing?
> As to incoming it is often best to keep them all closed by the default and
> them open them if you have applications that need them.
> You will almost certainly need to allow outgoing traffic on the four ports
> that Bob mentioned. That will get you going with the most common uses
> atleast. Also open 443 outgoing since that will give you secure web pages.
>
> I'm not familiar with your particular router but does it have a logging
> capability , and if so does it log your outgoing blocked and/or allowed
> traffic and with or without an entry that shows the destination port?

Relevant Pages

  • Re: Exim4 SMTP direct send, blocked incoming port 25
    ... ISP (incoming)? ... to forward my mail to another port, but I'm not sure outgoing ...
    (Debian-User)
  • Re: pop3 smtp settings muddle
    ... Disable email scanning (outgoing and incoming) by your anti-virus application. ... You prolly will have to reconfigure the Outgoing mailserver manually after disabling email scanning. ... Seperate authentication information is correrctly added for the smtp server ...
    (microsoft.public.windowsxp.general)
  • Re: How to block upd port 137 traffic
    ... no remote address. ... PSF I have a top rule denying any traffic on my port 137 to and from ... does not stop outgoing "system" traffic to unknown adresses. ... router on ports 137-139. ...
    (comp.security.firewalls)
  • Re: firewall setup to prevent Mydoom virus
    ... If I am using my ISP email server, ... all "NEW" state incoming should be ignored.) ... or outgoing pop3 over the internet side should be allowed). ... You should run very good antivirus on all machines, ...
    (comp.os.linux.security)
  • Re: Monitoring user e-mail
    ... > mailbox for all outgoing and incoming mail. ...
    (microsoft.public.exchange.admin)