generic hardware firewall question about blocking incoming traffic

Discussion in 'other firewalls' started by LMHmedchem, Oct 5, 2013.

Thread Status:
Not open for further replies.
  1. LMHmedchem

    LMHmedchem Registered Member

    Joined: Feb 8, 2012
    Posts: 28
    Hello,

    Like many others, I have continued to get attempts to connect to my local net router from the Asia Pacific Network Information Centre and from RIPE Network Coordination Centre, Amsterdam. I would say that 90% of all external attempted connections come from these two locations. The originating IP address is usually not registered in ARIN, so there is no specific IP range I can block. It is probably pointless to block individual IP addresses, so I have been thinking about other methods.

    I began wondering why I should allow any inbound connections, meaning connection requests that originate off of my local net. After thinking about this, I realize that I don't fully understand these protocols as well as I should. Can someone explain whether or not I should block all incoming connections (I am not running any kind of service that would need incoming connections, ftp, sshd, etc.)? If I can't block all of them, which ones should I continue to allow? What would such a firewall rule look like, etc.? Would such blocking affect the network traffic I need to support, such as allowing a browser or email client on my local net to connect to a WAN server?

    The hardware firewall I am using is the z100g, which is a Check Point product.

    Thanks for any assistance that you can provide.

    LMHmedchem
     
  2. wat0114

    wat0114 Registered Member

    Joined: Aug 5, 2012
    Posts: 1,984
    Location: Canada
    That's really what it comes down to; if you aren't running a server, torrent site or other type of sharing service, then you should be able to block all inbound without consequence. I'm not qualified to explain the technical details of why, other than the bare basics. As for your router, I don't know about it, but it likely blocks inbound by default. You should be able to test it using something like ShieldsUP.
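An added example, not part of the original thread and not the z100g's own rule syntax: a toy Python model of a stateful firewall with a default-deny inbound policy, showing why replies to a browser's outbound connection still get through while unsolicited connection attempts are dropped. The class, the 300-second idle timeout and all addresses are constructed assumptions, and NAT is left out.

```python
from dataclasses import dataclass

IDLE_TIMEOUT = 300  # seconds a flow stays tracked without traffic (assumed value)

@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    sport: int
    dst: str
    dport: int
    from_lan: bool  # True when the packet arrived on the LAN interface

class StatefulFirewall:
    """Toy model: allow all outbound, drop inbound unless it answers a tracked flow."""

    def __init__(self):
        self.flows = {}  # (proto, lan_ip, lan_port, wan_ip, wan_port) -> last seen

    def filter(self, p, now):
        if p.from_lan:
            # Outbound packet: accept it and record the flow so replies can return.
            self.flows[(p.proto, p.src, p.sport, p.dst, p.dport)] = now
            return "ACCEPT"
        # Inbound packet: it must mirror a flow a LAN host opened recently.
        key = (p.proto, p.dst, p.dport, p.src, p.sport)
        last_seen = self.flows.get(key)
        if last_seen is not None and now - last_seen <= IDLE_TIMEOUT:
            self.flows[key] = now
            return "ACCEPT"
        self.flows.pop(key, None)  # forget expired state
        return "DROP"

def demo():
    """Run constructed packets (documentation-range addresses) through the model."""
    fw = StatefulFirewall()
    pc, web, scanner = "192.168.1.20", "203.0.113.10", "198.51.100.7"
    return [
        fw.filter(Packet("tcp", pc, 51000, web, 443, True), now=0),      # browser request
        fw.filter(Packet("tcp", web, 443, pc, 51000, False), now=1),     # server reply
        fw.filter(Packet("tcp", scanner, 40000, pc, 22, False), now=2),  # unsolicited probe
        fw.filter(Packet("tcp", web, 443, pc, 51001, False), now=3),     # no matching flow
        fw.filter(Packet("tcp", web, 443, pc, 51000, False), now=900),   # state expired
    ]

if __name__ == "__main__":
    print(demo())
```

The only inbound packet accepted is the one that exactly mirrors a connection opened from the LAN side, which is the behaviour a "block all inbound" policy relies on.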
     