Jump to content


Photo

Firewall rules


  • Please log in to reply
4 replies to this topic

#1 co_ol

co_ol

    Member

  • Full Member
  • Pip
  • 8 posts

Posted 08 July 2004 - 07:40 PM

Hi

I'm going thru a great learning curve in understanding how firewalls work. I believe that I have captured the basics. I would like to tighten the security on my firewall (currently using Kerio 4 but would like to use 2.15)

I still have some problems with some basic applications. The way I try to tighten the rules is to ask first and then set an advanced filter rule. However in the example of outlook 2003 once I went thru a successful startup of outlook and had set all filter rules it worked well. It only needed access for port 110 and 80 to the internet and another half a dozen ports (1800- 1850) in the trusted area.
Would the statement be correctly that the trusted area is your local area network only???

Now everytime I restart outlook it will ask me to open new ports that where previously blocked, I ended up with an etxra 10 or more ports and finally gave up to allow full access.

This also applies to some other applications.

Looks like I still need soome serious help. Can anybody shed some light on this issue I have.

Thanks in advance

Cheers
Oliver

#2 B@ckdoor

B@ckdoor

    Member

  • Full Member
  • Pip
  • 25 posts

Posted 08 July 2004 - 09:22 PM

Hi co_ol,

Maybe some cool answers here:

http://forums.kerio.com

http://www.blarp.com...r.cgi?toc=kerio

B@ckdoor

#3 Paranoid

Paranoid

    Forum Deity

  • Full Member
  • PipPipPipPipPip
  • 533 posts

Posted 09 July 2004 - 09:16 AM

Hi
However in the example of outlook 2003 once I went thru a successful startup of outlook and had set all filter rules it worked well. It only needed access for port 110 and 80 to the internet

BAd idea. Allowing remote outbound to port 80 for any email client. It leaves you vulnerable to web bugs.
Please note that the software I recommend above is entirely based on only my own experience and testing. In no way should my comments,opinions and endorsements be construed as an endorsement by the forum, nor do they reflect the advise or recommendations by the experts or helpers at spywareinfo.


#4 MaytagMan

MaytagMan

    Member

  • Full Member
  • Pip
  • 6 posts

Posted 13 July 2004 - 02:33 AM

Many programs out there use varying ports every time they start out. This is partially for security and compatability reasons. If you can find out the port range the program uses, you can allow that entire range, and not have to worry about changing it again. If its a random port, then there is not much you can do, other than try to configure the port manually. Port requirements can be found on the manufacturer's website, generally in the FAQs or Support sections. Good luck.

#5 23Antz

23Antz

    Member

  • Full Member
  • Pip
  • 7 posts

Posted 22 July 2004 - 12:13 PM

Of course, some people might say that using Outlook is like painting a big red target on your forehead, but that's only becuase it's so popular!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Member of ASAP and UNITE
Support SpywareInfo Forum - click the button