Strict rules for web server?

Discussion in 'Other Ghost Security Software' started by rhg, Jan 26, 2006.

Thread Status:
Not open for further replies.
  1. rhg

    rhg Guest

    Hi,

    I would like to add specific outgoing rules for a web server instead of using the default rule 'Allow All Outbound'. It's important that I do not lock myself out and thought to ask here first.

    Here is a list of rules that I am using with GhostWall v1.5:

    Allow all protocols out->Any, Any, Any, Any
    Allow all protocols in/out<->Any, Any, 127.0.0.1, Any
    Allow TCP in<-xxx.xxx.xxx.xxx,3389,Any,Any
    Allow UDP in<-xxx.xxx.xxx.xxx, 53, Any, Any
    Allow TCP in<-xxx.xxx.xxx.xxx, 80, Any, Any
    Allow TCP in<-xxx.xxx.xxx.xxx, 21, Any, Any
    Allow TCP in<-xxx.xxx.xxx.xxx, 25, Any, Any
    Allow TCP in<-xxx.xxx.xxx.xxx, 110, Any, Any
    Allow TCP in<-Any, Any, Any, 53
    Block All Protocols in/out, Any, Any, Any, Any

    I only use passive FTP, and have edited my MetaBase to use a port range of 7500-8000. Wanted to let you know just in case knowing helps.

    Can I just edit the rules above to Allow in/out on the 53,80,25,110,3389 and just create one new rule for FTP outgoing?

    Any help on this is greatly appreciated.

    Thanks for such a great free tool,
    -rhg
     
Thread Status:
Not open for further replies.