Go Premium for a chance to win a PS4. Enter to Win

x

Software Firewalls

19K

Solutions

19K

Contributors

Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.

Share tech news, updates, or what's on your mind.

Sign up to Post

In a firewall like Palo Alto Networks you can see what traffic has been allowed or denied by source ip, destination ip, protocol, actions etc. How can I see what's being dropped on a particular VPC?
0
[Webinar] Cloud Security
LVL 11
[Webinar] Cloud Security

In this webinar you will learn:

-Why existing firewall and DMZ architectures are not suited for securing cloud applications
-How to make your enterprise “Cloud Ready”, and fix your aging DMZ architecture
-How to transform your enterprise and become a Cloud Enabler

I am trouble-shooting client VPN connectivity from PAN "Global Protect". The client logs in but instantly logs out. I want to verify that this is not being caused by the windows firewall. How can I exculpate the windows firewall as not interfering with the Global Protect VPN connection process? TY
0
Dear Experts, we could not use remote Desktop service into a Win server 2008 R2, it said that "Your credential did not work"; some steps were performed but could not help:
1. Open all Firewall profiles, disable Antivirus
2. Changing password
3. Create a new local user and add to Remote Desktop Group
4. Change remote port
5. Restart RDP service
6. Allow remote desktop service

Any idea please?
0
I want to view all incoming connections to my laptop including the Failed ones!

I have setup this test scenario:
- configured FileZilla server to Listen to port 8888  on my laptop
- tried to connect to my laptop from remote using an FTP client using default port TCP 21  (which fails)

The question now, How can I view this failed attempt or connection on my laptop ?
something like viewing a LOG on a normal firewall (Perimeter or DC firewall) .

Thank you..
0
Hi,

I need to create two ports on a windows machine, they are 8752 & 8090 how do I do this? this is for testing.

regards,
kay
0
Hello Experts,

I would like to change my current (route outside 0.0.0.0 0.0.0.0 64.64.64.230 1) outgoing internet traffic through different interface  (route dsl1 0.0.0.0 0.0.0.0 192.168.254.254 2)


route outside 0.0.0.0 0.0.0.0 64.64.64.230 1
route dsl1 0.0.0.0 0.0.0.0 192.168.254.254 2
route dsl2 0.0.0.0 0.0.0.0 172.16.17.254 3

i Tried unplugging the outside interface hoping internet traffic would go out the other interfaces but it did not. so maybe  i am  overlooking something. I thought that since they have 1, 2, 3, after each route it is supposed to go out other interfaces if it fails on the first one.
Please note i can only use  SSH to make changes no ASDM
Please provide exact step by step solution. my PiX knowledge is very limited
Running Config Attached
Thank you
Running-Config-temp.txt
0
Hi Experts,

I am having a enormous amount of intrusion attempts on our cloud web and sql servers.  It's a different IP address all the time.  I am currently researching this further but not having much luck on how to close up the vunerability or stop it.

Any ideas how I can stop this?  My mailbox is flooded with these notifications and it's increasing.

We use Symantec Endpoint Security, A firewall, and the windows firewall

Thank you,

Karen
0
Hello dear community,
Ineed  to upgrade firewall checkpoint from 77.20 to 77.50
I would like feedback on this subject and if there are any script to automate this operation because I have a lot of firewall in different countries, and also how log time for interrupting service in upgrade
Thank you for advance
0
In the example below, I see that I am listening on port 8080 (www) and then I have the mapped port of 63. I have a questions about that 63. Can that be any number I make up? Or is this supposed to be structured in certain way? I am using ASA 9.4 and above. Also, if I am listening on port 8080 what do I need the 63 for?

(config#)Object network WEB-SERVER
(config-network-object)# host 172.10.150.100
(config-network-object)#nat (inside,outside) static 1.1.1.1 service tcp www 63

Open in new window

0
I am interested in installing Sophos XG firewall home edition on a PC. the following link has been given to me by Sophos as a link for the free download.

Link for Sophos XG firewall home Edition

I am somewhat nervous however as the site issues a warning to the effect that any existing operating system will be erased when installing the product. I understand this bit I am not sure what will happen if I click the Get Started button on the Sophos web site.
I would hope that an image file would be downloaded that I could burn to a CD/DVD and then use to install the product on a PC with no OS on it.
I wish to be assured that clicking on the Get Started button won't result in the XG firewall being installed on my PC and wiping out the my PC.
0
New Tabletop Appliances Blow Competitors Away!
New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

I've got a 5545x that I'm configuring for remote access VPN.  I've done a few 5506's but this is my first 5545.

I initially started with AnyConnect. I could get the client connected, but I couldn't get a ping response.  The client statistics showed control data was being exchanged.  Client data was being sent, but not received.

I wiped and reconfigured and got the exact same results.   Then I tried configuring IPSec for the legacy VPN Client because I can always get that to work. :-)

Exact same results.  Client connects fine but no data.  "show cry ipsec sa" shows pkts decap are increasing but pkts encaps are not.  

I figure that I'm just missing something and I've been looking at it for so long that I'm just not seeing it. Hoping someone can look at this and see a typo or a missing statement that I'm missing.

I've stripped out all the non-essentials and sanitized the output.  If I got overzealous with the stripping and cleaning, let me know and I'll repost.

Thanks.

Don

P.S.  I've added a bunch of... junk that I don't usually have while throwing things at this to see if something sticks.


ip local pool RA_VPN_POOL 192.168.255.1-192.168.255.62 mask 255.255.255.192
ip local pool AnyConnect_VPN_Pool 192.168.255.129-192.168.255.254 mask 255.255.255.192
!
object network VPN-Nets
 subnet 192.168.255.0 255.255.255.0
!
object-group network Inside-Networks
  network-object 10.10.0.0 255.255.0.0
 network-object 192.168.0.0 255.255.0.0
!

Open in new window

0
I have a user that is abusing their privileges and would like to block services internally. A user wished to have the Dish Network application installed on their laptop to use while traveling. There has been reports that the use was using the application in the office while on the network. I wish to block services to this application while on the internal network. I currently have Palo Alto firewalls on the network. How do i block this service from my internal network?
0
Dear, we have a public server. how can we block remote desktop service to its public IP address? and allow only to its local IP?

I tried in Firewall advance setting, set the scope, but did not help.
0
I am new to PA firewalls and wonder what's other's opinions compare to Ciscos please.  I heard they are user-friendly but security guys hate them.  They can be very pricey as well.
Thanks in advance!
0
Hi Team,
 
            I need a data tracker software free tool.I want to find which IP address/machine/user use upload/download amount of data.
I need a software tool for this monitoring.So can you please suggest me best tool free version.
0
Inherited computers from another IT company that have Trend Micro Security Agent installed on them without the uninstall password, does anyone know how to go about changing the password to uninstall. It's causing network issues.
0
I am running ubuntu 14, using the built in FTP server.
When I try to connect to it, it connects, but I get this error below

Status:      Connection established, waiting for welcome message...
Status:      Logged in
Status:      Retrieving directory listing...
Status:      Server sent passive reply with unroutable address. Using server address instead.
Command:      LIST
Error:      Connection timed out after 20 seconds of inactivity
Error:      Failed to retrieve directory listing

Yes, I know I can change the setting in filezilla to active mode and then it would work, but that does not solve my problem.  I have a computer running a script FTP'ing files to my linux box, and it stopped working.
The only thing I did yesterday is disable and enable the firewall on the linux box, and it almot seems since then, it stopped working.

I'm thinking the problem is on the linux box?
0
I am using Linux, trying to connect to my ftp server using service-U in a remote data center.  I have an always on vpn connection to the data center. From a windows box, I can ftp just file to the server,  it from the Linux box, I keep on getting this error message.


First it says:
Connected to 10.2.x.x
421, service not available, remote server has closed connection

So I looked at the logs on my ftp connection and I didnt see any connection attempt.

Is this a Linux issue or my firewall, I'm thinking it's my firewall.
0
Hello Team,

I used to have my vpn tunnels using sonicwall to sonicwall. Some of my remote offices are hiding behind a natted static public ip address and the wan interface of the sonicwall has a private ip address assigned. When using sonicwall to sonicwall a public vpn tunnel can still be accomplished in this scenario when specifying the PEER IKE IP (private ip of the wan interface) on the sonicwall on the other site along with the public ip. This is refereed to as NAT Traversal.

Now we're moving to Checkpoint in our primary site where all our remote offices connect to, so we need to have a checkpoint to sonicwall VPN and so far it works fine except on the sites that are using NAT Traversal. How can we apply this same PEER IKE IP concept in the checkpoint connecting to the sonicwall with a private ip address in the WAN interface.

Thank you.
0
2017 Webroot Threat Report
2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Been trying to upgrade the ios on ASA 5525s from 8.6 to 9.44. To do so there is first the need to upgrade to 9.04 and than to 9.44 but when the upgade to 9.0 was done a lot of config on the asa went missing; including nat rules, object network and access list entries etc. Any ideas why it happened.

Kind regards
0
Hi,

forgot windows 10  laptop password on old laptop to get into laptop. How do i reset or get into this old laptop. please advise
0
Hi,

I really need a help and guidance on how to go about setting up a wifi hotspot at our Cafe. We have regular customers which comes every morning to have cup of coffee and little snack. Normally, customers comes while they have their coffee for about 10 to 20 minutes and then go.

I would like to offer a Free Wifi to all my customers who comes to my cafe for coffee for 10 or 20 minutes.

I should be able to print out a wifi voucher which they can use to access the internet on their mobile phones or laptop. But usually it'll be just a mobile phone. The internet will be stricted ONLY to checking emails online and or Facebook - nothing else. It should not allow them to download softwares, torrents, since we dont have unlimited data to our ISP.

Remember, that after 20 minutes, the voucher should die out. And it can only works to one mobile phone.

Anyway's that is the plan and i hope i can get answers on how to proceed and going forward.

Thank you and i look forward to comments.

Kindest,
Bakaka
0
I've been asked to turn on logging for code ASA-6-302014.  According to Cisco it's the Teardown TCP connection.
I have logging enabled and have set notifications  for syslog ID 302014.  I can't seem to get ASA-6-302014 to show in my log files, but I get ASA-5-302014.  Is this the same thing?

Our ASA is a 5520 8.2(1) 

Thanks,

Eric
0
Hi,

moto 4g plus android makes noise while taking photo. how to mute while taking photo. please advise
0
In Palo Alto Networks there is a test sec policy command that will let me know whether the traffic from source A to dest B for port C will pass or be denied. i.e. test sec policy 10.10.10.100 to 10.10.20.100:80 ALLOW (or DENY). Is there a similar function within VMWare NSX?
0

Software Firewalls

19K

Solutions

19K

Contributors

Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.