Software Firewalls

19K

Solutions

19K

Contributors

Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.

Share tech news, updates, or what's on your mind.

Sign up to Post

This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
2
 
LVL 36

Expert Comment

by:Loganathan Natarajan
Comment Utility
What about storing cpanel, or important logins to re-login often? shall we store it in the browser?
0
 
LVL 1

Author Comment

by:Kiefer Dunham
Comment Utility
Hi Loganathan. I very much enjoy the convenience of storing my usernames and passwords in my browser for several of the websites that I frequently visit. Most of the time this practice is very acceptable and carries little risk of a breach in the security of your personal information. However, I would not recommend doing so if you share any of your devices with others. In the end, it is really at the user's discretion. If you save all of your usernames and passwords to a browser account such as those offered by say Google Chrome, then all that a hacker has to do is find out that one username and password to have instant access to all your other accounts. There is an old saying. "Don't put all your eggs in one basket." I believe it applies here. There is always some risk. Though, the risk is minimal in this circumstance. I hope this helps.
0
Ransomware Attacks Keeping You Up at Night?
Ransomware Attacks Keeping You Up at Night?

Will your organization be ransomware's next victim?  The good news is that these attacks are predicable and therefore preventable. Learn more about how you can  stop a ransomware attacks before encryption takes place with our Ransomware Prevention Kit!

The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intentions being that the user of the DROP list will install it within their firewall.

Though I've found a lot of support to compile to drop list into alternative operating systems, I've found support to be lacking on the internet for implementation with Windows servers, without a hardware firewall.

This list is free to most users.  As stated on their web site: "The DROP list contains network ranges which can cause so much damage to internet users that Spamhaus provides it to all, free-of-charge, to help mitigate this damage."  

"When implemented at a network or ISP's 'core routers', DROP and EDROP will help protect the network's users from spamming, scanning, harvesting, DNS-hijacking and DDoS attacks originating on rogue netblocks."

The following instructions will allow a web server using Windows Advanced Firewall to take advantage of Spamhaus DROP lists.  

http://www.spamhaus.org/drop/

This script has been modified from the original code to output netsh commands, replacing the original iptables output.

Create file called "pulldrop.php" with the following code:

<?php

/*
 * SpamHaus DROP Tool v0.1
 * 
 * Written by Rick Hodger <rick@fuzzi.org.uk>
 * 

Open in new window

0
 
LVL 6

Author Comment

by:Shaun Rieman
Comment Utility
I'll expand on it as soon as possible.  Thank you!
0
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the setup but is not supported by Websense or its employees. It is encouraged to contact the vendor should you run into any issues in the setup on non-Websense products. This guide was written using the latest firmware to date for 5th Gen SonicWALL firewalls v5.8.1.2-36o.

1) To get started you need to create and address object for your network ranges. We are going to use ranges since you need to exclude Websense components from the redirection to the proxy. On the SonicWALL interface navigate to Network > Address Objects. Scroll to the “Address Objects” section and click on add. Create one for each range of your network making sure you leave out your Websense Components. In this below example
 Address Objects
2) Next we need to group the address objects we created together for later use. Scroll back to the top of the Address Objects Menu and under “Address Groups” choose Add. Name the group anything you want, for this guide we will use WS Redirect, and select all of the address objects you created earlier and move them to the right.
   Address Group
3) With the redirection group setup we need to create another “Address Object” for the proxy address. This is the address we will send traffic too. This is either …
1
Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_export, copying the files off of the server, and then having to make time to repeat these tasks daily.  I have seen more firewall admins skip backups of the SmartCenter just because there is not a clean easy way to do the upgrade_export automatically.

I have written a 100% FREE, easy to use program to assist in running and automating the upgrade_export process (see download link below).

The program is called the BMPTS- CP BackupInator or BMPTS-CPBI.  The CPBI is designed to be user friendly and easy to install.

CPBI is designed for firewall administrators, and you must have a good understanding of network shares and permissions to use it correctly.

The CBPI is installed by extracting the zipped files to a location of your choosing onto the SmartCenter Server ( Microsoft Windows 2000 – 2008).
 
After you have extracted the files, run the help file called CPBackupInator Use.mht.  This help file is a basic web archive file that will show you how to configure and run the CPBI correctly.

As suggested in this help file, before you begin to use or configure the software, you should establish a service account (account with access to run the EXE’s on your …
1
If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse day by day. Finding a good firewall program without shelling out pocket full of money is even tougher.

I am all about free program. Free as "FREE BEER". I came across a Firewall program couple months ago, which is free but very much effective.

Comodo Personal Firewall is a firewall for free. Despite of the free-of-charge fact, it has some features that far exceeds any commercial firewall products in the market: It includes a Memory Firewall which allows you to switch between different configuration on the fly. And it supports automatic updates for behaviour checking.

This program might not be a suitable choice for a computer novice or just an ordinary user. The pop-up window alert displays way too frequently and lets you know what's happening. Doing a very simple installation of any program might end up with quite a few mouse clicks. If security is very important to you and you can get past the clicks, then this is one program you wont regret.
I have been testing it for last two months and i am very much impressed with its capability. It gives you load of tweaking options so you can train it the way you prefer. We often overlook the firewall part and get busy with anti-virus programs, but the truth of the …
2
 
LVL 18

Expert Comment

by:Ravi Agrawal
Comment Utility
I don't know if you are talking about the Commodo Security suite as a whole or only the firewall part. I had installed comodo too but just removed it. Not to put a negative comment out there but I just felt that comodo failed on me on the following respects ---

1. a massive download size (anything above 100MB is massive unless it is a Windows service pack) but nowadays it is normal for software packs to have such a big size, so I guess we can ignore that.
2. definition updates (for the anti-malware part of the suite) they take another 150MB or so.
3. no place on the comodo site to download stand-alone antivirus definition files.

If you are reinstalling windows or installing commodo on several PCs, one would not expect each PC to download its 150MB definition file, individually.

P.S. - I retired Comodo six months ago, if it has changed, correct me.

Ravi.
0
Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or programs developed by others to attack computer systems and networks."

In the recent months, I have encountered several 'script kiddies', both of a domestic and foreign locations, attempting to brute-force hack their into my SSH and FTP server. Since I have a need for both applications for personal and business needs, I needed a quick and easy way to 'fix their little red wagon' and keep my site running without having to watch it day and night. As a result, I discovered that someone had developed a Perl script (URL below) but it was only intended for ssh attacks, so I took it upon myself to help improve the script and give it the ability to watch over the ProFTPd application processes as well.

Block.pl script (the one for sshd) can be found here: http://shellscripts.org/project/sshblock

But before the script could be deployed as a counter to these ssh and ftp brute-force attacks, I first needed to harden my existing network infrastructure.

First, I reconfigured my router to port forward port 19 (or whatever non '21' port) to port 21 on the IIS/FTP server. Then I configured port 21 on the router to forward to the Linux server (as described below). This way I can tell my customers to use the new FTP forwarded port (i.e. …
3
 
LVL 7

Expert Comment

by:CSorg
Comment Utility
I have about the same mechanism, although I use SQL logging with triggers to fire a script which on its turn will add the offending IP to a block list using IP security. Only I must say I do not release the offending IP address, I like to keep it hostage :-)
0
 
LVL 7

Expert Comment

by:DrAtomic
Comment Utility
I have gone as far as cutting off both China and Russia; the amount of "hack" attempts subsided by 90%. That said we use that same script for SSH; love the modification to it will certainly test with it.
0

Software Firewalls

19K

Solutions

19K

Contributors

Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.

Top Experts In
Software Firewalls