Basic Firewall Settings

Discussion in 'other firewalls' started by MikeNAS, Feb 8, 2008.

Thread Status:
Not open for further replies.
  1. MikeNAS

    MikeNAS Registered Member

    Joined:
    Sep 28, 2006
    Posts:
    697
    Location:
    FiNLAND
    Hello!

    I'm quite n00b with firewalls and I hope there is someone else too :D So I need to know basic firewall rules and processes to use HTTP/HTTPS (Web Surfing). I mean that which windows process etc. must be able to connect to internet so you can use internet too. It's also good to know which protocol that process needs and which port.

    Here is example if I someone doesn't understand what I mean:

    process: svchost.exe, protocol: UDP, direction: IN, port(s): 68,123

    So only needed processes, protocols, directions and ports. Of course users internet usage habits (P2P, FTP etc.) means that more open ports needed but if I have understand correctly it's quite easy to add those ports later (when needed). It's also good to know what Web Browser needs?

    Thanks a lot!

    -MikeNAS
     
  2. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    Among the many links in our firewall forum sticky is a thread dealing with many of the questions you are concerned with. It's a good read and suggest you at least give it a look see as you discover the world of packet filtering and what not.

    Found here---> Firewall Questions for beginners
     
  3. MikeNAS

    MikeNAS Registered Member

    Joined:
    Sep 28, 2006
    Posts:
    697
    Location:
    FiNLAND
    Thanks Bubba! I have found that Sticky but Paranoid2000 (+Stem) thread is better.
     
  4. Stem

    Stem Firewall Expert

    Joined:
    Oct 5, 2005
    Posts:
    4,948
    Location:
    UK
    Hi MikeNAS,
    The thread/post linked to by Bubba (Paranoid2000 (+Stem) thread) will answer your above question (= DHCP and windows time).

    If you do have further questions, or if you think that post is not clear, then please post/advise.

    Regards,

    Edit. I have now placed that thread back as sticky.
     
  5. jrx10

    jrx10 Registered Member

    Joined:
    Jan 26, 2007
    Posts:
    85
    Stem, I've still got your original network setup rules as well as the ones posted by KDNeese, and have adapted them with IP range network blocks of my own. (I can't remember if you posted them on this forum or the Comodo forum or maybe the Outpost forum), but anyway, I just wanted to say thx, because I would've been SOL without those basic 'net rules when I started out.
    I don't want to steal this thread, but in CFW 3.0, lets say you've got a server that constantly jumps tracking IPs to several IPs within their server IP range (embedded web-page connects). That server also hosts non-tracking IPs that you need for other non-tracking websites and they jump around within that same server IP net range as well, but usually the last set of numbers in the IP are different . I've been playing around with CFW 3.0 and it looks like the best way is to group those individual IPs that you need to open to connect to these non-tracking--good websites (but won't open without one or sometimes more tracking connect (s) to this server) in a network group (which you can logically label whatever you want) and normally leave them disabled until you need to connect with these "good websites and then just open this "group" all at once, and then close it after your finished. This net rule is placed above the complete IP range block of the server in question. ​
    \One ATT-worldnet and one NTT-AM server are a huge PIA for me right now. BTW, does anyone know how to track down IP reassignments within these servers. Somtimes ARIN has a web address where you can supposedly get the server reassignments, but it never works, which suxs.
     
Loading...
Thread Status:
Not open for further replies.