freesurfer
November 17th, 2007, 06:18 AM
Good day,
I'm using ESS v3.0.563.0, firewall in interactive filtering mode.
I have 2 programs, Apache HTTP Server and Diskeeper, that open ports using IP 0.0.0.0 (all interfaces). I wanted to keep the ports open locally only (block internet and LAN), but ESS doesn't prompt when these programs run/open ports or when they accept connections from the internet (I used grc.com's Shields UP to test for the ports). I tried switching the protection mode, Strict protection and Allow sharing, but still no prompt, still open to the internet.
Then something unexpected happened (considering the situation). While in the process of restricting programs (setting allow/deny rules, more on it later), I was able to have ESS prompt to accept a connection from the internet. The rule I was setting up allowed a certain protocol/port open, for the specified program (in this case, Diskeeper), from localhost (127.0.0.1). When I tried to scan that port from the internet, ESS prompted. When the rule was removed (leaving no other rules, as it was the only rule), ESS didn't prompt.
A "trusted" program that supposedly accepts connections locally only (such as those that have a service component and/or use TCP/IP for communication between components) can be accessed from the net. This makes such programs a potential security threat/loophole, as they are open to the internet for abuse.
Unless I'm missing something, some obscure setting tucked in the bowels of ESS, I hope that ESET can fix ESS to recognize the all-interface IP (0.0.0.0) and prompt accordingly on whether it should accept connections locally, from the internet, or not at all.
(For those curious, I create two types of rules for programs: an allow rule specific to a certain protocol/port/IP, and a deny all.)
Regards.
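
Added example, not part of the original post: a short audit script that classifies listening sockets by bind address, so services bound to the all-interfaces address (0.0.0.0 or ::) stand out from loopback-only ones. The `netstat -ano` text, ports and PIDs below are constructed sample data, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample of Windows `netstat -ano` output (not from the post).
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING       1480
  TCP    0.0.0.0:31038          0.0.0.0:0              LISTENING       2216
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING       1712
  TCP    192.168.1.20:139       0.0.0.0:0              LISTENING       4
  TCP    192.168.1.20:49712     203.0.113.7:443        ESTABLISHED     3388
  TCP    [::]:80                [::]:0                 LISTENING       1480
  TCP    [::1]:5354             [::]:0                 LISTENING       1712
  UDP    0.0.0.0:5353           *:*                                    1712
"""

def split_endpoint(endpoint):
    """Split '0.0.0.0:80' or '[::1]:80' into (host, port)."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]").split("%")[0], int(port)

def exposure(host):
    """Classify a bind address by which interfaces it accepts traffic on."""
    addr = ipaddress.ip_address(host)
    if addr.is_unspecified:      # 0.0.0.0 or :: means every interface
        return "all-interfaces"
    if addr.is_loopback:         # 127.0.0.0/8 or ::1 means local only
        return "loopback-only"
    return "single-interface"

def listeners(netstat_text):
    """Return (proto, host, port, exposure, pid) for each bound socket."""
    found = []
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) < 4 or f[0] not in ("TCP", "UDP"):
            continue             # header or blank line
        if f[0] == "TCP" and f[3] != "LISTENING":
            continue             # established or closing connection
        host, port = split_endpoint(f[1])
        found.append((f[0], host, port, exposure(host), int(f[-1])))
    return found

def wildcard_listeners(netstat_text):
    """Sockets reachable on every interface unless a firewall rule blocks them."""
    return [l for l in listeners(netstat_text) if l[3] == "all-interfaces"]

if __name__ == "__main__":
    for proto, host, port, scope, pid in listeners(SAMPLE):
        print(f"{proto:4} {host:>15}:{port:<6} pid={pid:<5} {scope}")
```

To audit a live machine, pass the captured output of `netstat -ano` to `listeners()` in place of `SAMPLE`.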