Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Let only the browser and security software out-bounding the internet


  • Please log in to reply
4 replies to this topic

#1 xspeed

xspeed

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Local time:07:34 AM

Posted 30 May 2017 - 04:50 PM

Greetings,

 

For the last 4-5 months it was tested on Windows 10 and 7 the following method, and at least from what could be observed, everything was all right, no problems at all.

 

Block from Windows firewall all the inbound and outbound traffic for all the Domains.

 

Let go through the firewall only:

 

-Core-Networking DHCP-In - inbound (otherwise it seams that the internet connection doesn't work)

-Core Networking - DNS (UDP-Out) - outbound (otherwise it seams that the internet connection doesn't work)

-Browser and security software or other applications which really received updates more than one time per week - outbound (in this case, no other applications need to access the internet.

 

Once in a week for a few minutes let go through the firewall only the system files and services which are responsible for Windows update, or even turn off the firewall at all for a few minutes, in order to update the Windows.

 

If anyone please, could answer to the next two questions:

 

1. Do you consider that this method is a bad habit?

 

2. Do you consider that for a few minutes when the firewall is turned off at all, if on the system are any kind of malware which should connect to the internet, they will do it in those minutes when the system receive updates and will harm the system?

 

Best wishes.


Edited by xspeed, 31 May 2017 - 01:44 AM.


BC AdBot (Login to Remove)

 


#2 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,734 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:34 AM

Posted 31 May 2017 - 11:50 AM

Can you tell us what your home network setup is? How does that computer connect to the Internet?


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#3 xspeed

xspeed
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Local time:07:34 AM

Posted 01 June 2017 - 03:22 PM

Thank you Didier Stevens,

 

The network is only a little/family/home one.

 

I was wondering more, if that practice could make more worst than good to the systems from those specific machines/devices...

 

Respectfully.



#4 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,734 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:34 AM

Posted 02 June 2017 - 11:04 AM

To help you, we need technical details of your network. Do your machines connect to the Internet via a NAT router?


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#5 xspeed

xspeed
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Local time:07:34 AM

Posted 02 June 2017 - 01:40 PM

I appreciate Didier Stevens,

 

Indeed, the machines connect to the internet via a NAT router...

 

I ask those questions more as informative, to know as many details about could could go wrong, the advantages and disadvantages of that practice...

 

Regards. 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users