Re: A story from the BlackIce mam

From: bassbag (bassbag@bodybags.dragon.wales)
Date: 01/05/03 

From: bassbag <bassbag@bodybags.dragon.wales>
Date: Sun, 5 Jan 2003 15:19:33 -0000

In article <R1FR9.441331$GR5.147707@rwcrnsc51.ops.asp.att.net>,
notme@notme.com says...
> I think first you need to identify what ports MSN is using and you can by
> downloading *Tcpview*, which will tell you the ports that MSN is using
> during your download process. Go to Google and get *tcpview* -- it's free.
>
> I think you can tell BlackIce on those ports to do and *Accept* turn the IDS
> on for the port and allow it. If BlackIce see an attack coming in the
> network traffic, the IDS will tell the firewall to *block* the network
> traffic from that IP.
>
> I think that you can put BlackIce back into the *Paranoid* mode, which means
> if the network traffic is not initiated on your end *Block* -- it' a SPI
> kind of thing.
>
> So, I think on those ports for MSN if you tell BlackIce to do an *Accept*
> on all IP(s)-check mark it *on* and set the level back to *Paranoid*,
> BlackIce is on *point* and you are covered.
>
> Try it! -- let me know what happens.
>
> A little tip, you can specify in that IP Address Box:
> 192.168.1.100-192.168.1.150 and tell BlackIce to *accept* or *reject* and
> that's what will happen.
> In the Port Box you can specify 122-7690 -- low and high ranges.
>
> If you're not using BlackIce's Application and Communication controls,
> you're leaving the machine open to attack, it will stop a worm or Trojan
> horse, if either one of them hit the machine and BlackIce is configured
> properly, you recognize the issue, and take the appropriate action.
>
> It all comes down to this, if one understands, by reading a manual, on how
> to use any product, it can only benefit *you*.
>
> HTH
>
> Duane :)
>
>
>
Thanks for advice and info Duane..
me

Relevant Pages

  • Re: Black Ice is bad stuff! BEWARE!
    ... BID's firewall to do many things to protect my home network. ... because I have read the Adv User Manual for BlackIce. ... IP* on those two ports. ... The protection of the machine is a process and is not a given! ...
    (comp.security.firewalls)
  • Re: Trying to understand BI and Emule Plz?
    ... > Others are zipping along off of me ... > Since this BI firewall, and perhaps the XP one being on as well, I'm still ... >> you didn't account for the other ports, Blackice was blocking inbound on ... >> those ports. ...
    (comp.security.firewalls)
  • Re: Looking for a software Firewall..
    ... Yes BlackIce will do that. ... Allow Internet File Sharing ... network and you can share the network resources and still be protected from ... the Internet on ports 137/138 and 445 for NT, ...
    (comp.security.firewalls)
  • Re: Heres what.
    ... You ever really used blackice? ... Zone Alarm does all the work. ... >legit ports for attack signatures... ... MOTAR has BlackIce and it doesn't do shit compared to ...
    (comp.security.firewalls)
  • Re: A story from the BlackIce mam
    ... I think first you need to identify what ports MSN is using and you can by ... Go to Google and get *tcpview* -- it's free. ... I think you can tell BlackIce on those ports to do and *Accept* turn the IDS ...
    (comp.security.firewalls)
Quantcast