Re: How effective is a router as a firewall?
From: ClareOldie (ClareOldie_at_nowhere.ie)
Date: 10/29/03
Date: Wed, 29 Oct 2003 13:20:16 -0000
"Jodie" <jodie512@REMOVEsbcglobal.net> wrote in message
news:rpeupvs2trt8dri1fvupbnt9hna6l5frhp@4ax.com...
> ClareOldie wrote:
>
> >In my limited experience I would advise the following
> >Log in as other than Admin unless needed for a specific purpose.
> >
> >Run a software firewall to keep tabs on what apps/processes are trying to get
> >out. Choose from among others ZA, Sygate, Outpost.
> >
> >Implement IPSec on your machine (Win2K). A simple implementation, and one I
> >am currently fond of, is from AnalogX. All the rules I could ever need are
> >already set up and require to be ticked (activated) or not as my need
> >determines. Look here:
> >http://www.analogx.com/contents/articles/ipsec.htm
> >I have no idea why IPSec is not promoted more strongly. It is a great
> >"'nother" layer of defence. It does NOT do app control.
> >
> >As others said the router will block incoming unrequested traffic.
> >
> >Also of course run an up to date AV and check regularly with such as AdAware
> >and/or SpyBot S&D.
> >The above should see you about as safe as most while connected.
> >Practise "safe hex".
>
> I d/l'd analogx. It appears, according to the readme, that it is for
> servers only. I am running MS W2k Professional on a laptop for my own
> personal use at home. Would you still recommend analogx for my laptop.
> I've backed up/exported IPSec and also the entire registry. But I
> haven't done anything yet. I did enable IPSec in my LAN IP/Options
> settings.
>
> Please advise, thanks.....
>
>
Hi Jodie,
As I briefly stated above you need to choose the rules to
suit your circumstances - if you don't run a server from your computer then
ONLY select "client" rules.
I only have the following boxes ticked, you may need others:
SMTP Client (Port 25 Send Mail)
POP3 Client (Port 110 Receive Mail)
NNTP Client (Port 119 Read NewsGroups)
HTTPS Client (Port 443 Secure HTTP)
HTTP Client (Port 80 Internet Traffic)
FTP Client (Port 20 & 21 Downloads)
DNS Client (Port 53 Dynamic Name Server)
All UDP Traffic
All TCP Traffic
All ICMP Traffic
(These three block all traffic in the absence of a match between attempted traffic and any rule above.)
<Dynamic>
11 in all ticked.
You can further tweak the DNS rule to allow only your ISP's DNS server
addresses. You can find these in Outpost rule for DNS which is the free
Software firewall I currently use. Also I think that the TCP part of this
rule could be deleted - you would need to check this in operation. After you
delete it if you can't surf properly then it's needed so replace it.
You could further tweak say the receive mail rule to only allow it to go to
your ISP's addresses.
The same applies to the send mail rule. Indeed you could put both of these
together in one rule as they would be limited to the same addresses.
The NewsGroups rule could be tweaked to only go to the newsgroup servers
that you use. If you don't use any and don't intend to then you could untick
it.
Neither HTTP nor HTTPS can be limited addresswise. These are for surfing the
net. I can't remember ever using HTTPS but windows update uses it so that
might explain why I couldn't update previously - I probably had it blocked
in Outpost!
Tick only the "Client" rules unless you want your computer to act as a
server on the internet.
The FTP rule could be tweaked by putting in the addresses that are used for
updating your progs such as AVG, Outpost, Adaware etc. I wouldn't advise it
though if you even irregularly download the odd programme off the internet.
By the way I have now enabled Windows update on this machine. It works fine.
For some reason I'm not as concerned now about it as I used to be.
For best protection TWEAK the rules.
Good luck with it, IPSec gives another different layer of protection and
although it doesn't do App control at least you know that if your software
firewall should ever fail to function properly then you have most ports
blocked but with no App control.
I will watch this thread in case you have anything else I can help with.
Seán
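
A small model of the rule set described in this post, added here as an illustration and not part of the original message or of the AnalogX policy: it checks constructed outbound connections against the ticked client rules plus the catch-all block rules, then against a tightened version where DNS and mail are limited to ISP addresses. The addresses (documentation ranges), the names `evaluate`, `newly_blocked` and `ISP_ONLY`, and the simplification to protocol, remote address and remote port are assumptions.

```python
import ipaddress

# Client rules ticked in the post: name -> (protocols, remote ports).
CLIENT_RULES = {
    "SMTP Client": ({"tcp"}, {25}),
    "POP3 Client": ({"tcp"}, {110}),
    "NNTP Client": ({"tcp"}, {119}),
    "HTTPS Client": ({"tcp"}, {443}),
    "HTTP Client": ({"tcp"}, {80}),
    "FTP Client": ({"tcp"}, {20, 21}),
    "DNS Client": ({"udp", "tcp"}, {53}),
}

# Constructed tightening: limit DNS and mail to an assumed ISP range.
ISP_ONLY = {
    "DNS Client": ["192.0.2.53/32"],
    "SMTP Client": ["192.0.2.0/28"],
    "POP3 Client": ["192.0.2.0/28"],
}

# Constructed outbound connections: (protocol, remote address, remote port).
SAMPLE = [
    ("tcp", "198.51.100.10", 80),
    ("udp", "192.0.2.53", 53),
    ("udp", "203.0.113.66", 53),
    ("tcp", "203.0.113.66", 25),
    ("tcp", "203.0.113.66", 6667),
    ("icmp", "203.0.113.66", None),
]

def evaluate(conn, restrict=None):
    """Return (action, rule) for one connection under the modelled policy."""
    proto, ip, port = conn
    addr = ipaddress.ip_address(ip)
    for name, (protos, ports) in CLIENT_RULES.items():
        if proto not in protos or port not in ports:
            continue
        nets = (restrict or {}).get(name)
        if nets is None or any(addr in ipaddress.ip_network(n) for n in nets):
            return "permit", name
    # Nothing matched: the "All UDP/TCP/ICMP Traffic" rules block it.
    return "block", f"All {proto.upper()} Traffic"

def newly_blocked(conns, restrict):
    """Connections the ticked rules permit but the tightened rules block."""
    return [c for c in conns
            if evaluate(c)[0] == "permit" and evaluate(c, restrict)[0] == "block"]

if __name__ == "__main__":
    for c in SAMPLE:
        print(c, evaluate(c), evaluate(c, ISP_ONLY))
```

Running it prints each sample connection with its verdict under the ticked rules and under the tightened rules; `newly_blocked` lists the traffic that only the address-limited rules stop.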