
Block Everything - Open up what is needed.


7 replies to this topic

#1 swallow1929


Posted 22 May 2015 - 05:32 PM

Hello,

 

I have often heard that when it comes to firewalls the best practice is to block all ports and open up what is needed. Where could I find a list or a tutorial on what should be open and what doesn't need to be?

 

Thank you




 


#2 TechnicianOnline


Posted 22 May 2015 - 05:36 PM

Swallow,

 

Depends what type of firewall you're installing? Is this a Network Firewall or just something you're installing on your Computer?

Depending what you're installing, we can provide better feedback. Generally you will block everything, then enable as needed for the Services and Client request on the Network.

 

Let me know, thanks!


A Network isn't something you 'own' or 'have'; you may only wield it like the sword of Excalibur.


#3 swallow1929


Posted 22 May 2015 - 05:40 PM

Not really installing anything, just trying to learn more on the topic. I guess an explanation of both network and user firewalls would be nice. On the host-based firewall, would it even be possible to do something like that? I mean, in a small environment maybe, but would something like that be possible in a large organization, or is it even common for people to do that in IT departments?



#4 TechnicianOnline


Posted 22 May 2015 - 05:53 PM

> Not really installing anything, just trying to learn more on the topic. I guess an explanation of both network and user firewalls would be nice. On the host-based firewall, would it even be possible to do something like that? I mean, in a small environment maybe, but would something like that be possible in a large organization, or is it even common for people to do that in IT departments?

 

 

You're not going to be able to manage a Network from the endpoint Computer.

Generally, you want to be able to control the Network from the source/entry; this is called the Gateway.

 

The reason you block everything is to prevent everything. You will never run into an issue where you block something and NOT know about it.

Although you will run into something where you allow something and you never know about it. Leaving more things open increases the risk of attack.

Your users and your Services will always let you know when something is blocked and it should be unblocked. Example? You block port 80, now every user can't access websites.

You block port 53, now EVERYTHING doesn't work. So, generally speaking about Firewalls, you must know what type of Network appliance you want to install, with an understanding of Port security.

Focus on Port security; it's very important to know what Port is assigned to each Service.

 

-source

http://en.wikipedia.org/wiki/Port_security

http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

 

 

A good resource is open resources with free products to test out.

When I was starting out, I ran a few VMs with Linux and played with iptables since it's built in natively, then moved on to running Untangle, the Linux Firewall appliance.

 

-source

http://en.wikipedia.org/wiki/Iptables

https://www.untangle.com/shop/firewall

 

 

 


A Network isn't something you 'own' or 'have'; you may only wield it like the sword of Excalibur.
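
The block-everything-then-open approach from the post above, using its own examples (port 53 for DNS, port 80 for web) and iptables, as an added example that is not part of the original thread. The function names `gen_ruleset` and `valid_port`, port 443, and the log prefixes are assumptions made for illustration; the script only prints a ruleset and changes nothing.

```shell
#!/bin/sh
# Added example: prints a default-deny ruleset in iptables-restore format.
# Nothing is applied to the running firewall; review the text before loading it.

valid_port() {
    case $1 in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# gen_ruleset "<tcp ports>" "<udp ports>": outbound allow-list for a client host.
gen_ruleset() {
    tcp_ports=$1; udp_ports=$2
    # Validate everything first so a typo never yields a half-written ruleset.
    for p in $tcp_ports $udp_ports; do
        valid_port "$p" || { echo "invalid port: $p" >&2; return 1; }
    done
    echo "*filter"
    # Block everything by default, in every direction.
    echo ":INPUT DROP [0:0]"
    echo ":FORWARD DROP [0:0]"
    echo ":OUTPUT DROP [0:0]"
    # Loopback, plus replies to connections this host opened itself.
    echo "-A INPUT -i lo -j ACCEPT"
    echo "-A OUTPUT -o lo -j ACCEPT"
    echo "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    echo "-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # Open only what is needed: new outbound connections to the listed ports.
    for p in $tcp_ports; do
        echo "-A OUTPUT -p tcp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
    for p in $udp_ports; do
        echo "-A OUTPUT -p udp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
    # Log what falls through to the DROP policy, so blocked traffic is visible.
    echo "-A INPUT -m limit --limit 5/min -j LOG --log-prefix \"IN-DROP: \""
    echo "-A OUTPUT -m limit --limit 5/min -j LOG --log-prefix \"OUT-DROP: \""
    echo "COMMIT"
}

# Constructed example: DNS (53 over UDP and TCP) and web (80, 443) only.
gen_ruleset "53 80 443" "53"
```

The printed text can be checked without loading it by piping it to `iptables-restore --test` as root. Leaving 53 out of both lists reproduces the "EVERYTHING doesn't work" case from the post, and the LOG lines are what make a blocked service show up in the kernel log.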


#5 malynensi


Posted 04 June 2015 - 03:00 AM

Thanks for the information, guys. I now know much about how the firewall operates on my laptop.



#6 quietman7


Posted 13 June 2015 - 08:39 AM

Caution: If you're going to start blocking ports, be careful which ones you block or you may lose Internet connectivity.

Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#7 Guest_clou1956_*


Posted 10 November 2015 - 07:27 PM

Isn't there a good dummies download or fix to secure firewalls to allow a single user? I do not care to share a network, so I could shop online without fear of hackers or remote detection. My problem is having medical issues and pain. I guess the only option is just to not use my laptop anymore, as my new Apple MBP has been a disappointment. I do not like Windows 8, so I stick with my Microsoft Windows 7 64-bit Home Prem. I did pay a company a monthly fee for scanning my laptop, but I really did not see a lot of effort after 6 months of using their service, as I feel they got lazy.



#8 dannyboy950


Posted 17 November 2015 - 02:14 PM

Not that I have found so far, and I have been looking for several years.

If you have a proprietary combo modem/router like I do it may not allow remote administration from the web.

 

My local AT&T switched from their good {$$$} Motorola units to these cheap Pace combo units; you cannot access them from the web at all. Even knowing the IP address and even the MAC address and password, it will not allow remote administration.

 

Now the links provided by the other fella at least list what ports are used for what. However, they do not list which ones you have to allow or which you can close without killing your access to the internet.

 

I want to know what I have to allow, not just what Microsoft wants me to allow. Because it ain't always one and the same.


HP 15-f009wm notebook AMD-E1-2100 APV 1Ghz Processor 8 GB memory 500 GB Hdd

Linux Mint 17.3 Rosa Cinnamon




