Firewalls Hard and Soft
Recently a friend of mine asked me about ports on a firewall and which were the best to close off. So I'm taking this opportunity to go into detail about firewalls, don't know if I have before but there are 2 types of firewalls, Hardware and software.
Software is the most common, it's simply a program that runs in the background that controls your ports as well as bandwidth flow usually. There are a slew of software firewalls out there but I'll list a couple of my favorites.
The Kerio personal firewall is my favorite. It's free (or advanced version is purchaseable), customizeable, everthing...I love it.
Zone Alarm comes in a close second as this thing has been around forever. It's easy to use and very effective.
I'd say those are the ones you want to go for, some antivirus programs have built in firewalls such as Norton/Symantec and Panda which are decent enough anti-virus programs.
As for hardware firewalls this most often connotates a router or something of that nature. If you're looking for a good router I'd go with a name brand, like Linksys or Netgear simply because those that aren't so computer savy have a good tech support and these are easy to work with. If you'd like to look around for a different router I'll give you a list and some links:
3Com, Alcatel, Asus, Belkin, Buffalo Technology, Billion, Cisco Systems, Inc., Cyclades, D-Link Systems, Draytek, Enterasys Networks, Hewlett-Packard, Huawei Technologies, ImageStream, Juniper Networks, Lightning MultiCom, Linksys, Mikrotik, MRV Communications, NETGEAR, Nortel, Redback Networks, Siemens AG, SMC Networks, Tellabs, U.S. Robotics, Zoom, Trendware, ZyXEL
That should be enough to browse through.
Anyway, the question at hand, which ports to close once you have this wonderful technology. Because there's so many ports it's next to impossible to list them all out, but some people have actually tried to list them out. This one is ok, a long ways behind though, it was last updated in 2001.....
The best advice I can give is to close all your ports and have your firewall ask you if you want to allow traffic through each time a new source appears. This seems the best, it blocks off all the random crap you don't want to deal with and allows you to save responses to choices. If you want one thing to get through but not another, you can set it up that way, and it's easy. With Zone alarm it's a matter of clicking one single button.
If you really want to be secure you can set yourself up for "port knocking." I know it sounds funny but port knocking is a communication where data comes encoded in the form of connection attempts to closed ports, in which the port sequence forms the encoding, and acts as an event trigger on the receiver's end. The only problem with this is that the receiver does not return a message to the sender during this in order to make it seem accidental or mean spirited.
Thats the best I can tell ya, I don't know a lot about port knocking or I woulda posted more, it should be easy to find though. For further reading about trojans, tcp/ip, and ports I suggest reading this. It's a decent read not fast by any means but I don't have much of a life so I read it pretty quickly.
Thank you
AK
For Razor
Software is the most common, it's simply a program that runs in the background that controls your ports as well as bandwidth flow usually. There are a slew of software firewalls out there but I'll list a couple of my favorites.
The Kerio personal firewall is my favorite. It's free (or advanced version is purchaseable), customizeable, everthing...I love it.
Zone Alarm comes in a close second as this thing has been around forever. It's easy to use and very effective.
I'd say those are the ones you want to go for, some antivirus programs have built in firewalls such as Norton/Symantec and Panda which are decent enough anti-virus programs.
As for hardware firewalls this most often connotates a router or something of that nature. If you're looking for a good router I'd go with a name brand, like Linksys or Netgear simply because those that aren't so computer savy have a good tech support and these are easy to work with. If you'd like to look around for a different router I'll give you a list and some links:
3Com, Alcatel, Asus, Belkin, Buffalo Technology, Billion, Cisco Systems, Inc., Cyclades, D-Link Systems, Draytek, Enterasys Networks, Hewlett-Packard, Huawei Technologies, ImageStream, Juniper Networks, Lightning MultiCom, Linksys, Mikrotik, MRV Communications, NETGEAR, Nortel, Redback Networks, Siemens AG, SMC Networks, Tellabs, U.S. Robotics, Zoom, Trendware, ZyXEL
That should be enough to browse through.
Anyway, the question at hand, which ports to close once you have this wonderful technology. Because there's so many ports it's next to impossible to list them all out, but some people have actually tried to list them out. This one is ok, a long ways behind though, it was last updated in 2001.....
The best advice I can give is to close all your ports and have your firewall ask you if you want to allow traffic through each time a new source appears. This seems the best, it blocks off all the random crap you don't want to deal with and allows you to save responses to choices. If you want one thing to get through but not another, you can set it up that way, and it's easy. With Zone alarm it's a matter of clicking one single button.
If you really want to be secure you can set yourself up for "port knocking." I know it sounds funny but port knocking is a communication where data comes encoded in the form of connection attempts to closed ports, in which the port sequence forms the encoding, and acts as an event trigger on the receiver's end. The only problem with this is that the receiver does not return a message to the sender during this in order to make it seem accidental or mean spirited.
Thats the best I can tell ya, I don't know a lot about port knocking or I woulda posted more, it should be easy to find though. For further reading about trojans, tcp/ip, and ports I suggest reading this. It's a decent read not fast by any means but I don't have much of a life so I read it pretty quickly.
Thank you
AK
For Razor
posted by Akiratima at 4/21/2006 12:03:00 AM
1 Comments:
Hey Aki ...Thx for the post...Great stuff !!!!
Post a Comment
<< Home