Software Firewalls

19K

Solutions

6

Articles & Videos

19K

Contributors

Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.


Is there a way to block an entire folder, including the .exe and everything inside the folder, from connecting to the internet? If Windows 10's Firewall can't, is there another firewall that can?
0

I have a group of PCs in a domain environment that we want to lock down except for a few applications.  I am using Group Policy to configure firewall exceptions to allow these applications to work.

One of the allowed applications is Outlook.  We have a CASARRAY, and currently when I try to access Outlook it says that Exchange is offline and won't let me configure a new account.

In the GPO, I have rules configured for DNS & AD Domain Services.  For Outlook I created rules that allow access to the CASARRAY with the following:

Outbound:
"389/TCP/UDP (LDAP)
3268/TCP (LDAP GC)
88/TCP/UDP (Kerberos)
53/TCP/UDP (DNS)
135/TCP (RPC netlogon)
80/TCP
443/TCP (SSL)"

Inbound
"TCP End Point Mapper (TCP/135)
Dynamic RPC port range (6005-59530)"

I am still unable to configure Outlook.  What am I missing?  Is there a different approach I should be taking?
0
I have a Windows 7 PC that we are trying to lock down.  I have a group policy that puts a firewall rule in place to only allow 2 IP addresses to initiate RDP connections.  We have tested this successfully from the 2 IPs while all others are denied.  When the PC reboots, the 2 IPs can no longer RDP to it.

So far, the only thing I've found that will reestablish the ability to RDP from the 2 IPs is to remove the PC from the domain and re-add it back in.

Any suggestions on the cause and possible resolution?

Thanks!
0
I had this question after viewing Wifi issue with asa 5506.

How do you return from the AP> prompt to the ASA prompt (cisco asa>)?

I sessioned into the Cisco 702 AP but can't get out of it.
0
Hello, I need to allow Skype on SonicWall and block all proxy and signature ID 5 or 7. Is it possible?
0
Recently we added a new TPG IPVPN Connection (MPLS Network with Hosted Firewall) to eth2 on our Watchguard but can't get it to work properly (see attached picture).

For some reason I cannot ping any Sydney LAN IP addresses (on the 10.50.2.0/24 network) from the QLD office to the Sydney office.

What do I need to enable / configure on the Watchguard so I can ping internal LAN addresses from the QLD office?

QLD Office LAN is on 10.4.26.0/24 network.
Sydney office LAN is on 10.50.2.0/24 network

From QLD office I can ping 210.10.228.14, 210.10.228.13, 10.252.0.6, 10.252.0.5 OK, but if I try to ping the Watchguard LAN IP address 10.50.2.90 or another device in the same Sydney network from QLD office it times out. Any ideas?

Sydney Office Watchguard Configuration is as follows:

I have 3 interfaces setup on my Watchguard x750e firewall with following parameters:

Eth0: IP: 210.10.228.14 (External) - This is connected to an ISP Managed Cisco 1900 Series Router. This is a routed subnet services TPG NBN Connection.
Gateway: 210.10.228.13
NetMask:255.255.255.252

Eth1: IP: 10.50.2.90 (Trusted)
Netmask: 255.255.255.0

Eth2: IP: 10.252.0.6 (External) - This is connected to a TPG NTU and is an IPVPN Connection. This also requires RIPv2 and has dynamic routing set up.
Gateway: 10.252.0.5
Netmask: 255.255.255.252
Dynamic Routing Configuration:
1. Enabled Dynamic Routing is enabled.
2. Enable RIP is enabled
Rip Configuration :
router rip
network 10.252.0.4/30
network …
0
Hello experts-exchange, can the ASA 5520 be configured for SMTP Gateway relay use?
Thank you,
Nina
0
ASUS Router RT AC3200
NETGEAR MODEM C7000-100NAS

Typically, when you bridge a modem it loses any wifi broadcasting abilities & you can no longer directly hardwire your PC's ethernet cable to it - you now must plug directly into the router. In addition you lose the ability to use 192.168.0.1 to see your modem's GUI anymore. It's still there, I just need some kind of router permission, tweak, programming, firewall allowance, setting enabled, call it what you want, to be able to use 192.168.0.1 again. I know there's a way through the router, I just need help.

Any ideas?
0
Hi,

I have added a few folders (say abc, def) to the favorite tool bar in Internet Explorer 11.

When I try to save a link to one of the favorite tool bar folders, called abc, it is not allowing me.

There is no save option there.

Please advise.
0
What is the best way to have the selection criteria for firewall and endpoint security at the TC level? Most of the firewall and endpoint security products have similar common features, so it is very difficult to select one over another. Some are saying we are in the top 3 in that report, some are saying we have the gateway level syn with the end point, likewise.

Please give me the best approach on this. We don't want to have the most expensive product.
0

I've just installed pfSense 2.1.5 on a VM for a migration purpose. This pfSense VM will be on a private vswitch talking to another VM (a testing PC) on the same private vswitch. When I tried to start pfSense up for the first time I found I can't get past WAN setup: it asks for the WAN interface name, which I don't know. (I actually need to set up LAN, but I now cannot even get past WAN setup.) Can you help please?

Here is error I am getting:
VLAN Capable interfaces:
No interfaces found!
No VLAN capable interfaces detected.
*NOTE* pfSense requires *AT LEAST* 1 assigned in....
..*WILL NOT* function correctly.

If you do not know the names of your interfaces, you may choose to use auto-detection. In that case, disconnect all interfaces now before hitting 'a' to initiate auto detection.

Enter the WAN interface name or 'a' for auto-detection:

If I hit 'a',
Connect the WAN interface now and make sure that the link is up.
Then press ENTER to continue.

I get:
Warning: Invalid argument supplied for foreach() in /etc/inc/config.console.inc on line 447
No link-up detected.

Enter the WAN in....
0
Hello Experts,

#########################

The system includes

Server
IP: 10.99.200.97
OS: Win2012R2

3G router (VPN SIM Card)
Interface ppp0 IP: 10.1.0.1
Interface usb0 IP: 192.168.1.1
OS: ARM Linux

Client PC
LAN IP: 192.168.1.100

#########################

3 of them connect by

Server <---> 3G router <----> PC Client

#########################

The 3G router is basic Linux with nothing but the iptables command. I tried several command options but none worked so far.

Such as,
/mnt/nand1-1/ap/iptables -t nat -A PREROUTING -p tcp -i ppp0 --dport 21 -j DNAT --to-destination 10.0.0.100:21

PS. The PC client can ping the 3G router IP: 10.1.0.1 but cannot ping 10.99.200.97.
Do you have any ideas?
Thank you.
0
I would like my router to forward port Pxyz to computer 192.168.1.100, say.  I know how to do that with my router.  What's hanging me up is: How do I use Windows Firewall and an incoming rule to send Pxyz to, say, 3389 for RDP on my server that is sitting at 192.168.1.100?

If I use plain old generic 3389 and just enable that, sure it works great.  But I really want to specify a pseudo-random port number for RDP, but I really dislike the registry hack approach.  That just seems super inelegant and forced, to me, when I know port forwarding and routing are available!

Thanks,
Gary L. Coakley
0
I have a server which runs PostgreSQL and Django on Apache, and it hangs up every couple of days. I understood that it would require PostgreSQL optimization. But there are so many parameters that I am not sure where to start. As of now, the server is hanging up. Please let me know what kind of information you need so that I can provide it and you can better assist me.

Also, I have an iptables firewall set up, and I am not sure where exactly the problem is. But the website hangs up every one day and when I restart Apache it works for one day.
0
Hi,

I am trying to filter Skype traffic with Bluecoat. As I have noticed until now, Skype uses UDP and TCP, but Bluecoat deals only with TCP and ignores UDP.
By the way, my Bluecoat is in transparent mode using WCCP.
Did anyone succeed in controlling Skype traffic using Bluecoat?


Regards
0
Hi all, thanks for your time in advance.

The issue I've got at the moment is:

We host websites for clients, and are using TMG 2010 SP2 RU5 to perform link translation/reverse proxying to internal systems via VPN connection to a 3rd party to access products hosted on another company. e.g.

Client > Our Product > TMG > 3rd Party via VPN > Vendor > HTTP/HTTPS response

HTTP/HTTPS response > Vendor > 3rd Party via VPN > TMG > Our Product > Client

The issue is some of the products that provide an HTTP/HTTPS response don't use modern web compatibility, e.g. we have to inject <head><meta http-equiv="X-UA-Compatible" content="IE=5" /> into the header of the HTML page using TMG, on a page using SSL certs.

We have a number of domains that we can use potentially.

E.g. our current solution is hosted on https://test.ourdomain.com.au which is where the TMG link translation occurs.

We either need to do a double redirect for the HTTP requests or redirect it to another SSL domain which we own, which I'm not sure is even possible.

https://test.ourotherdomain.com.au 

(Note actual names and domains changed for security)
0
What is the difference between these two interfaces in checkpoint FWs?
0
I have a pair of CP 1470 firewalls that I need to deploy as an HA failover pair. Has anybody completed this task before and can share a typical configuration?
0
My 14.04 LTS Ubuntu box has 2 active network connections. The default gateway is the hardwired eth0 going to my cable modem (192.168.1.x).

The wireless connection (wlan0 at 192.168.0.x)  is to a cellular access point to Sprint LTE gateway, and I want to ssh with the -b option to bind to the wireless connection and with socks proxy port forwarding going through the Sprint network, not through my cable modem. (I couldn't figure out how to run a separate 2nd sshd process for the wireless connection)

What routing rules are required to route the ssh socks proxy traffic through the wireless connection rather than the default gateway on eth0?
0

We want to force all of our remote users to connect thru our VPN when they are in remote areas. So for example, Jane takes her laptop home with her. Her laptop must connect thru our VPN or she will have no access to the internet. I thought I had this figured out, but it doesn't work in all places. I created a Windows local firewall rule for outbound connections and applied it to the home/public network profile. The rule blocks ports 20-25, 53, 80, 81, 110, 137-139, 443, 444 when the network profile is on home/public. This still gives enough access for the user to connect to the WiFi itself, but will not allow other internet services until the VPN is connected. Once the VPN is connected, that switches the laptop over to the Domain network profile. The firewall rule is no longer in play now and will let the usual internet traffic pass at this time, but it now goes thru our VPN and network firewall.

The Problem: This works well on home WiFi but it won't work in an environment where the user connects to a WiFi and is then redirected to an authentication portal, such as a hotel's internet access; hotels often force you to authenticate on their private network before you have true internet access.  Due to the Windows firewall rule, the browser will not redirect to the hotel's authentication page, as the port that this traffic goes thru is a blocked port.
0
My internet connection is very slow, especially social media. I have set up a rule to prevent other people from using some social media, but this did not solve my issue. We were even researching putting up a proxy server, hoping to increase the speed due to caching, etc. and bandwidth management.

1. We can see Checkpoint has an option of enabling a proxy; at this moment it is not enabled. (Will we benefit from this proxy should we enable it? If it is transparent, will we need to change anything on the client machines?)

2. My devices are 4400

3. Can enabling this overload the firewall?
0
Hi All,

I have just built a cluster of web servers behind pfSense a few days ago. From the Snort log and alerts, I recognized that something seems to be wrong with some default rules of category "preprocessor.rules" as below:
- 119      4    not-suspicious    none    HI_CLIENT_BARE_BYTE
- 120      3    unknown    none    HI_SERVER_NO_CONTLEN
- 120      8    unknown    none    HI_CLISRV_MSG_SIZE_EXCEPTION
- 137      1    bad-unknown    none    SSL_INVALID_CLIENT_HELLO
I'm not sure if I'm correct or not. So I created this topic to ask for your help and experience: which rules are wrong? Do you have any collection of WAN rules for web server, FTP server, etc.?
0
Hi,

I'm trying to set up an old server as a backup firewall. I've installed pfSense on it and I'm able to configure it using the web interface.

So when the pfSense firewall is only connected via its LAN network card to the existing network (that uses the current Watchguard firewall) then hostnames resolve just fine (using 'DNS Lookup' under 'Diagnostics'), using localhost and my two internal DNS servers.

But when I connect the incoming 'Internet cable' to its WAN interface then hostnames don't resolve anymore ... seems like it doesn't see the internal DNS servers anymore? I can't figure out why though (no special rules defined, everything on default) ... any ideas?

The WAN interface has a public IP address (like 182.58.10.240) and its upstream gateway is like 182.58.10.1
The LAN interface has an internal IP address like 192.168.1.1

Any help is appreciated!
0
We just today got the Cisco firewall up and running.  However, we can no longer receive emails (POP3) and I can seem to access all websites except my own, which is offsite.  I am not quite sure where to start.  I did a tracer route to my URL's IP, to which I got "flow is denied by a configured rule".

There hasn't been anything set up on the firewall, basically just installed with default settings.  No training involved whatsoever.  Wonder what I need to do to allow inside users to receive their email from the outside source and to access that website.  Thanks!
0
So I am looking to deploy a Hyper-V box with multiple public-facing servers that need little to no bottleneck in the way as far as performance.  My question is, what is the standard best practice to do this and maintain a secured environment to manage the servers?  I know I can deploy private networks behind a firewall and connect via RDP to the boxes etc., but what is the best way to put a public network on with public IPs and make sure that only certain ports are accessible via the public IP?
0
