Software Firewalls

19K

Solutions

20K

Contributors

Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.

Dear Experts, I'm installing Snort in an Exchange server but got this fatal error when loading the snort.conf file.

Can you please check and suggest?  How can I fix this directory? Many thanks!

Capture.PNG
snort.conf
0
Hello,
I have a captive portal that works under pfSense.
Is there any software for Windows and Android that can be installed and authenticate instead of web browsing, like Sophos?
Thanks.
0
Hello everyone,


I have a Cisco ASA 5516 with two inside interfaces. One is for customer LAN and another is for a few branch offices connected via a router that is connected to the 2nd Inside interface (all those offices are in the same building connected by a FO backbone). Customer is going to replace an old ASA 5510 where almost the same config already works.

LAN network is 192.168.0.0/24 connected to 1/3 on ASA

Branch Offices are connected to 192.168.2.0/24 connected to 1/4 on ASA
 
I want to be able to ping and have unrestricted traffic between them.

Currently I have a laptop connected to int 1/3 and another one connected to Int 1/4 but no ping.

Someone please help!

Here's the configuration

ASA Version 9.8(2)17
!
hostname ASAFCHFW
domain-name mydomain.com
enable password $sha512$5000$pt2nRGQbSXA8K3vdow+Ztg==$kGNfDJREqQCQ+jO7m0bxmQ== pbkdf2
names
no mac-address auto

!
interface GigabitEthernet1/1
nameif Outside
security-level 0
ip address x.x.x.131 255.255.255.240
!
interface GigabitEthernet1/2
nameif DMZ
security-level 10
ip address 172.16.31.1 255.255.255.240
!
interface GigabitEthernet1/3
nameif Inside
security-level 100
ip address 192.168.0.2 255.255.255.0
!
interface GigabitEthernet1/4
nameif Branch_Office
security-level 100
ip address 192.168.2.1 255.255.255.0
!
interface GigabitEthernet1/5
shutdown
no nameif
no security-level
no ip address
!
interface GigabitEthernet1/6
shutdown
no nameif
no …
0
I need to setup a Site-to-Site VPN between a SmoothWall v3.1 and a SonicWall TZ.    I have tried to configure the connection on both ends but so far have been unable to get any kind of a connection between the two.  

I have played with the IKE and IPSEC proposals on the SonicWall but have not found a combination which works. I do not see anywhere I can set these on the SmoothWall. Has anyone managed to accomplish this?
SmoothWall.jpg
SonicWall1.jpg
SonicWall2.jpg
0
Hi,

I have a bare metal server and a VPS in one of the well known UK data centres running CentOS 7.  The bare metal server runs some ERP software that is accessible via a web browser (using SSL of course) however there is still the occasional use of an old client-side application that uses the telnet protocol to talk to the ERP system/server as well as printing requirements - Linux to networked IP printers on the LAN.  

I would like to use a hardware firewall in offices with either a VPN gateway running in the cloud or perhaps on the bare metal server running CentOS7.

Can anyone please advise me on the best way of achieving this?

Thanks
0
How do I set port forwarding to connect my exchange server with the public ip of my mail.domain?

Do I need Routing and Remote Access Service (RRAS)? If so, do I put it on DC01, DC02, Gate, Exchange or create a new server to put it on?
0
My attempts to build iptables rules are failing and I need some help.

I have two external IP addresses (27.92.104.166, 27.92.104.164 - not the real ip addresses...) that will send traffic on tcp port 30505 to my network on its external interface (28.29.28.72 - also not real) which needs to be forwarded to an internal server (10.17.2.9 listening on port 8080).

I started with a simple INPUT rule

iptables --append INPUT --match tcp --protocol tcp --src 27.92.104.166 --sport 30505 --dst 10.17.2.9 --dport 8080 --jump ACCEPT
iptables --append INPUT --match tcp --protocol tcp --src 27.92.104.164 --sport 30505 --dst 10.17.2.9 --dport 8080 --jump ACCEPT

But this is not enough since I also need some kind of FORWARD rule and perhaps a PREROUTING rule, and NAT may play some kind of part in this as well.  There are tons of sites out there with examples that do not match my case so I am floundering in the dark.

I am trying to learn iptables as quickly as I can but can someone point me in the right direction on this particular case?

Many thanks!
0
Is there an IP address block list manager for the latest versions of OS X similar to Peer Block or Peer Guardian?  I need the ability to block communication between my Mac and thousands of IP addresses without slowing things down.  The block list manager should be able to import a list containing hundreds of thousands of IP addresses in a common format and prevent incoming and outgoing communication between the Mac and IP addresses in the list.
0
Adding a 2016 Web Application Proxy into DMZ.

Question is, I already have 2 x 2012 WAPs in a cluster. For the new 2016 WAP I just want 1 x pass-through http and https proxy for an internal web server. Now the question is: I understand that WAP must install ADFS when it's installed (even though I don't need any authentication). Will the 2016 WAP automatically join the current 2012 cluster? Will it cause any issues? Or can I have it stand alone outside the current cluster?

The reason I want a new 2016 WAP is the native http to https redirection. Thanks
0
I am working on making a website hosted on a local server only accessible by domain admins. The host name is http://<servername>:8080. I have tried creating different Windows firewall rules with the action set to allow if the connection is secure. Tried by group, username, or computer, but any time I have that rule set to "secure" it is blocked by the firewall.

Is this because the website is http? Any other methods I can try?

windows server 2012 R2
0
Windows Server Firewall Rule to allow 1 local LAN IP and 1 Remote WAN IP RD into server on a particular port

I wish to allow a LAN IP user into the server, and a remote user into the server. I have created the rule on the required port, but as soon as I populate the allowed remote IP address in scope options all LAN users are blocked. If I enter a value in allowed LAN users, remote IPs are blocked.

It only works if both local and remote are set to allow any.

I previously entered a similar question and was told to do it using PowerShell but could not work it out.
0
I am looking to purchase a firewall / anti-malware router. It's for my small business of currently about 30 people, but it will grow up to 100 units within the next 1-2 years.

The problem is we had a ransomware attack a couple of days back and it's made us more aware.

The other thing to take note of is: we don't have in-house IT professionals, so we hire professionals from all over the world to work on our servers; they sometimes use RDP to log in, or TeamViewer.

We use a VMware, specifically Proxmox, so we are considering using Nakivo for backup also.

Our ISP guy recommended we use a Mikrotik RB/1100AHX2 Routerboard RouterOS Level 6, but he thinks we are small for it, and I think there's something better already.

I want to invest for the next 5 years. I want to buy something that will take us to the next level, yet keep us functional.

I don't know if we can also use it to block certain sites, manage bandwidth for users in the office, anything that'll generally keep security really up above board. Thank you.
0
I have installed Windows 2019 with Remote Desktop Gateway, but I cannot change the default port from 443 to another port. It gives an error that the port cannot be changed. I tried other port numbers, but no luck. The exact error code is: Changes cannot be made in firewall-rules exception. Event id 4002

I see the current firewall rule, but I cannot change it because it is a defined rule (made by Windows Firewall). 2 questions:

1) Can I change a defined rule of the world wide web port 443, made by the Windows Firewall, to another port?
2) When I change the port in my Remote Desktop Gateway and firewall rules to, for example, 10101, does it give me access from outside to the remote gateway server, or do I get into problems because I need to set the Remote Desktop Gateway (client side) to a different port number (for example: homeserver.testing.it:10101)?

Please advise
0
I have a SonicWall firewall. There are a lot of access rules such as RDP and HTTP being forwarded to internal servers. I need to shut down all of them for now. What is the easiest way? I just need outgoing traffic to work for now and VPN to work.
1
Is there a cheat sheet for identifying security issues and their solutions to the challenges? I wanted to get a list of possible security concerns and then the solutions for such a concern.
0
Unable to see shares when I access server 2016 through UPN path from any client/server on same domain. I believe it could be firewall rule SMB over TCP which is blocked. I can ping the server but can't access it.

I'm running Windows server 2016, trial version
error.png
0
I have a Windows 2016 server.
I have data coming in on port 3299.
When it hits the server I need to remap it to port 9013, as there is an app on this server which is listening on this port.

Is this possible?
There is no router; the server sits directly on the internet, so it needs to be done in Windows.
0
Hello,
I have pfSense with multiple networks:
1 WAN
2 LAN
3 servers
Both LAN and servers are allowed for internet,
but LAN to server is allowed for a specific IP and port.
The LAN can access the WAN and that should not be.
What do I have to do to enable internet for LAN without access to servers?
Thanks.
0
Hi all,
We have to configure both scope and protocols on Windows Firewall for our failover clustering nodes.
There are some problems, such as renewing clustering APIPA IP addresses.
How can we configure these IP addresses on the firewall properly?
I've checked the below ranges of local IP addresses, but nodes will be down after enabling the firewall. We should keep blocking Inbound and Outbound on the firewall.
Sharing any experiences is appreciated.
0
Hi,

How do I understand this error and resolve it correctly? Thanks.

Screenshot_1.jpg
0
I like the Zonealarm "Extreme" Pro firewall. But I don't like its management options.

My biggest irritation is the difficulty in managing the program list. Mine regularly bloats to over 2000 programs. The vast majority of which are duplicates.
I can understand why that would happen if a program has changed but the vast majority of the time, they haven't so my first question is
1 Why do we get duplication when a program in the list hasn't changed?

Next, once a program has been authorised either manually or automatically, it often has its "outbound trusted" flag set true. There are almost no programs I want sending data outbound without asking my permission first. So I find I need to "correct" a few hundred of them. Unlike deleting programs, which can be done in bulk (select a bunch, then click "Remove" and they all go) the ONLY way to switch off that "outbound trusted" flag is one at a time. That's insane. so

2 anyone know a way to switch off (or on) such flags in bulk? and
3 is there a way to make the default flag "Ask"

Ideally there would be a file we could hack outside zonealarm with all these settings and use standard database commands (or even text "search and replace" commands) to do bulk editing but I appreciate that would break their security model so I don't expect anyone to come back with that option but something like that, within ZA, is desperately needed

Finally, we used to be able to disable things, like the tvdebug.log by rightclicking the …
0
We have installed a PBX on AWS and connected it to our on-prem Router via VPN.

My on-prem router is connected to the SIP provider via a physical connection with another on-prem MUX device (device given by sip provider).

All connections are working fine, EXCEPT, my SIP provider has a condition that all connections to their server must originate from a specific IP that they have assigned to us.

Since AWS machine is connected via VPN, all calls from PBX are picking up the IP of the AWS machine as "source IP".

To resolve this, I need to replace / masquerade / NAT / change the IPs of all connections from the AWS machine's IP to the SIP provider's assigned IP. Someone suggested I need NAT loopback/reflection for this. Someone also suggested packet forwarding. Someone suggested IP masquerading.

Please guide how can this be done?

Regards.
Network-Diagram--1-.jpg
0
Hello,
I am deploying a pfSense firewall following the topology below:
My Network Topology: Router + pfSense + FW1 (Router connected to Internet) + Internet Service Provider + Internet Website
Where FW1 is a router connected to the Internet using a leased line connection, and the pfSense firewall is located in a BACKBONE network, different from the users' networks.
I add, too, that this is a new setup of this firewall, and connectivity on both sides is verified, I mean:
  • Connection to internet: I was able to download the new package SQUID/SQUIDGuard from Package Manager
  • Connection to the LAN: I can access the firewall from my PC, and I can see the SQUID error message when I try to open a website
The problem now: I want to grant a PC IP address authorization to access the Internet. I created rules for both HTTP and HTTPS protocols, but I still cannot access the Internet.
And the firewall says that I do not have the right to do so.
I'd appreciate any help from you Experts.
Regards.
0
Hi,

TrendMicro IWSVA latest version.

Category filtering with HTTP works fine but not with HTTPS websites.

Any idea?

regards
0
I am looking for any free firewall software appliance. (Like the old version of Sophos. The new version of Sophos provides only a 30-day software appliance.)
I don't know if there is any firewall which provides a software appliance free and without time restriction.
0
