
Re: Firewall?

Subject: Re: Firewall?
From: "Mr. Arnold" <"Mr. Arnold"@Arnold.COM>
Date: Sun, 31 Dec 2006 07:44:27 GMT
Newsgroups: 24hoursupport.helpdesk
Jack wrote:
> I'm looking for Windows software that detects visitors to my server and
> allows me to block or allow their IPs.
> My D-Link router allows me only five such entries and I haven't been able to
> find a more generous one, unless I spend thousands of dollars.

I don't think you need to spend thousands of dollars to find a good FW appliance, a good low-end one or a used refurbished one with a warranty from a reputable dealer, like Watchguard, Cisco, Snapgear, Sonicwall, etc. I don't know about that D-Link. What model is it?

> I was under the apparently mistaken impression that a firewall should do
> that, but after downloading and testing literally dozens of software
> firewalls, all I could find was anti-spyware, antivirus and other garbage
> claiming to be firewalls.

Most likely what you have downloaded is not firewall software. A FW must meet the definition in the link, whether the FW is a gateway FW running on a computer or an appliance/hardware solution. And I am not talking about a personal FW, as they are not FW(s). They are just machine-level packet filters that protect at the machine level.

http://www.vicomsoft.com/knowledge/reference/firewalls1.html

A FW must have at least two interfaces. One faces the network it's protecting against, usually the Internet, and the other faces the network it's protecting, the LAN.

> I've tried freeware, shareware, you name it, it's all bloated crapware. My
> idea of a firewall would be something similar to my door lock, if you have a
> key you get in, if not, you stay outside. All these "firewalls" do is enable
> or disable my applications and services' access to and from the internet.
> Well, if I didn't want them accessed, I wouldn't turn them on, or better
> yet, I would just unplug the computer. No need for a firewall!
> Problem is, I want them accessed, but only from certain IP addresses. Black
> Ice is the only one that does exactly what I need, it's wonderful, beautiful
> and perfect, except it crashes my one-week old server with XP Pro SP2
> freshly installed, every five minutes. No problem when Black Ice is
> disabled.

I've got to be honest here, I use BI on this laptop. I've got IIS, SQL Server, .NET and a whole host of other applications and services running behind BI, with IPsec running with BI. That's fine as nothing is exposed to the Internet, while I am set up in this hotel doing contract programming at a client's, with a wireless and dial-up connection to the Internet.

However, I wouldn't use BI or any personal FW, period, to protect a machine that has services or anything else exposed to the Internet. I would need a real FW solution to do that, which would be a standalone FW appliance running software that's not running on the NT based O/S that's exposed to the Internet. You should want a solution with things like: only HTTP can come down port 80; blocking by multiple IP(s), more than five; blocking by protocol; blocking by packet attribute or state; maybe blocking for a given time period if needed; and a syslog that you can feed to something like Wallwatcher (free).

> I went to the ISS website to seek help, they are aware of the problem, and
> recommend using their latest version, which supposedly addressed that
> problem. I AM using their latest version, downloaded a few days ago and
> still have the problem.

You need to go behind the protection of a FW appliance or a packet-filtering FW router that's ICSA certified. Netgear has an ICSA-certified FW router.

> I need a simple program that doesn't shine my shoes or cook dinner for me,
> just detects visitors and enables me to reject or allow them access to my
> services.
> Any suggestions appreciated,

If you want to use BI behind something, then use it. You can also supplement BI with the IPsec that's in the O/S as well.

http://www.petri.co.il/block_ping_traffic_with_ipsec.htm
http://www.analogx.com/contents/articles/ipsec.htm

You might have to sign up to see this IPsec article.
http://support.microsoft.com/default.aspx/kb/813878

I myself would expose a Win 2K3 server and not XP to the Internet, but you do what you have to do.

However, if the O/S, registry, IIS, the file system and user accounts are not locked down (there are books and articles out there on Google that show you how to do this for an NT based O/S that's being exposed to the Internet), then nothing on the machine is secure.

Here is another link on FW(s) and what they are about.

http://www.more.net/technical/netserv/tcpip/firewalls/

When I am set up at home, the machines are behind a low-end Watchguard, for which I paid around $250 brand new out of the box.

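The "door lock" allow-by-IP check Jack describes, written out as an added example that is not code from this thread or from any product named in it: a small Python allow-list policy run over a few constructed IIS W3C-style log lines. The log excerpt, the addresses and the helper names (`IpAccessPolicy`, `parse_w3c`, `audit`, `rejected_visitors`) are all made up for the illustration. It covers more than Jack's five-entry case, since entries may be whole CIDR blocks, and it fails closed on an unparseable address.

```python
import ipaddress
from collections import Counter

# Constructed IIS W3C-style log excerpt (sample data, not taken from the thread).
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services
#Fields: date time c-ip cs-method cs-uri-stem sc-status
2006-12-31 07:40:01 192.168.1.20 GET /default.htm 200
2006-12-31 07:40:05 203.0.113.77 GET /admin/ 200
2006-12-31 07:41:10 192.168.1.35 GET /app/ 200
2006-12-31 07:42:42 198.51.100.9 GET /default.htm 200
2006-12-31 07:43:00 203.0.113.77 POST /login 401
2006-12-31 07:43:30 bad-address GET /default.htm 200
"""


class IpAccessPolicy:
    """Door-lock model: a visitor is admitted only if its address matches an
    allow entry; block entries win over allow entries; anything unparseable
    is rejected (fail closed). Entries may be single addresses or CIDR blocks."""

    def __init__(self, allow, block=()):
        self.allow = [ipaddress.ip_network(n, strict=False) for n in allow]
        self.block = [ipaddress.ip_network(n, strict=False) for n in block]

    def decision(self, ip_text):
        try:
            ip = ipaddress.ip_address(ip_text)
        except ValueError:
            return "reject"          # not a valid address: never let it through
        if any(ip in net for net in self.block):
            return "reject"
        if any(ip in net for net in self.allow):
            return "allow"
        return "reject"              # default deny: no key, no entry


def parse_w3c(text):
    """Yield one dict per request line, keyed by the names in the #Fields header."""
    fields = None
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
            continue
        if not line or line.startswith("#") or fields is None:
            continue
        parts = line.split()
        if len(parts) != len(fields):
            continue                 # malformed line: skip rather than guess
        yield dict(zip(fields, parts))


def audit(log_text, policy):
    """Count requests per visitor and decide allow/reject for each request."""
    visitors = Counter()
    decisions = []
    for rec in parse_w3c(log_text):
        ip = rec["c-ip"]
        visitors[ip] += 1
        decisions.append((ip, rec["cs-uri-stem"], policy.decision(ip)))
    return visitors, decisions


def rejected_visitors(log_text, policy):
    """Addresses that reached the service but are not on the allow list:
    the candidates for a block entry on the gateway in front of the server."""
    _, decisions = audit(log_text, policy)
    return sorted({ip for ip, _, verdict in decisions if verdict == "reject"})


if __name__ == "__main__":
    policy = IpAccessPolicy(allow=["192.168.1.0/24", "198.51.100.9"])
    counts, verdicts = audit(SAMPLE_LOG, policy)
    for ip, uri, verdict in verdicts:
        print(f"{verdict:6} {ip:15} {uri}")
    print("rejected:", rejected_visitors(SAMPLE_LOG, policy))
```

Reading the log this way tells you who reached the service and who should not have; it does not stop anyone. That is the point Mr. Arnold is making: the decision logic belongs in a gateway FW or packet-filtering router in front of the box, where a reject never lets the packet reach IIS at all, rather than in a personal FW on the same O/S that is exposed.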