Software Firewalls





Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.

Share tech news, updates, or what's on your mind.

Sign up to Post

Hi expertsAWS opened ports for reference,

   My web application is running on aws ubuntu 16.  I have the following ports open from aws.  
It has the following applications running on ubuntu

uwsgi with nginx -  i  Think it uses port 80
node.js with react - react is rendering on port 9009
webpack with webpack.config.js - which creates js file which will be using port 80
npm run django: runserver  uses port 8000
elastic search :9200 uses port 9200
postgresql used port:5432

Please see the opened ports on aws.  screenshot for reference.

With putty I connect to linux ubuntu machine with the following ip address

There is docker application which runs inside that linux box uses nginx, postgres, elasticsearch

When I run docker application, and I able to see from browser with

Where as when I run python runserver I am not able to see the application.

The site can't be reached refused to connect error.

Whereas I can see the docker application when the docker is run.

Please help me why the python application is not running on the browser, where as Docker application runs well.

With python runserver 0,0,0,0:8000 I am running from the source code.  Whereas with docker I am running the docker image.

Both are same application.  

Please help me in fixing this issue.

with many thanks,
Bharath AK
The Firewall Audit Checklist
The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

Need help determining the OUTBOUND Windows firewall rule(s) necessary to allow the following command to be run FROM a Win2016 server. The issue goes away if the Windows firewall is set to "Allow" all OUTBOUND connections.

Get-WmiObject -ComputerName $RemoteComputer -namespace "ROOT\Cimv2" -Class Win32_ComputerSystem

Open in new window

When the outbound firewall is enabled, the result of this command is a "No such interface supported" error, and the firewall log shows "DROP TCP x.x.x.x y.y.y.y 50011 49154 0 - 0 0 0 - - - SEND". The "Windows Management Instrumentation (WMI-Out)" is enabled with it's default settings and being respected, as it's visible in the "Monitoring" rules. I've also pretty much tried all available predefined outbound rules with no success.
Hi I wish to use the SDM or ASDM or CCP software & have been looking at the following 2841 cisco routers as they should be compatible.

I wish to know which one would be the best to purchase ?
I have been doing some research into setting up redundant ISPs on the PANs (Palo Alto firewalls), and it seems that if we don't want to run BGP for that site, the best alternative seems to be PBF.  Am I on the right track with that?  Are there other alternatives?
Hi Everyone

What is the best practice for gateways. For example we got blacklisted a while ago and public ip is still blacklisted on spam rats. It says about reverse lookup not being setup

the exact message "Does IP Address comply with reverse hostname naming convention". While letting my isp know we were told to liase directly with spamrats which i did but the ip has not been given ok by spamrats. I think that they want us to set reverse DNS on gateway.

1) What is the best practice for gateways?
2) What happens if i give it a name with my domain?
3) Does it interrupt my traffic?
4) Do i have to change my firewall rules based on the name change?
5) What all do i have to do to get this done?
6) What is the whole purpose of reverse dns on gateway as i was told by my ISP that they only setup if told by a customer to do so?
For PAN FW's OS upgrades in HA active/passive mode.  Can anyone point to the process steps?
Does it required to suspend HA first or doing passive first then failover to the active node?  
Please advice or point to the right link.  Planning to upgrade to the latest 8.0.8 release for PA-850 models.
Looking for the security of a Web Application Firewall, with the least amount of work.

I have been told I needed a Web Application Firewall (WAF) and wonder if it's smarter to use a Web Cloud based WAF? It's for a .NET MVC App. running on IIS.

It sounds like it's a smart way to get security, without first needing to become an expert in it. And to know they are always on the lookout, making their system more secure, would let me rest easier.

Any good names you can recommend?

Also, how difficult is it to "build our own?" What kinds of customization capabilities would we lose, if we went with a Cloud based version?

How long might it take to deploy a cloud version of the WAF?

If I wanted to use AWS, for example, must I also host my website with AWS?

We have Watchguard m400. The firewall is blocking EXE download. I want to allow only help desk to be able to download EXE, drive etc. How can i do this ?

My OS is win10 pro 64 bit.  Due to recent security hacking on my pc, I am thinking if NordVPN would provide the security preventing everyone from entry.  I have Avast Premier protection.  Or can I use ZoneAlarm or some other software.  Thank u and regards.
Are there any well-known repercussions related to disabling NetBIOS for my workstations. There is a lot of broadcast chatter I’d like to eliminate. Also, many of the workstation firewalls are blocking UDP 138 and 137. This blocking combined with the broadcasts results in security logs that are being written to four times a minute per workstation. Quite a lot of work for nothing possibly?

I disabled netBIOS on one workstation and I’m not seeing any issues yet. Is it OK to disable it networkwide?
We Need Your Input!
We Need Your Input!

WatchGuard is currently running a beta program for our new macOS Host Sensor for our Threat Detection and Response service. We're looking for more macOS users to help provide insight and feedback to help us make the product even better. Please sign up for our beta program today!

Many windows 7 workstations on the LAN have full security event logs. The issue is from many netBIOS broadcasts that are being blocked by the Windows firewall and then logged as an Audit Failure.

Why are all workstations broadcasting to each other so much that the logs are filling?
Is the broadcasting normal behavior?
Will it break the network if I disable or block netBIOS from all workstations? I do use the c$ share remotely.
Possibly the firewall shouldn't be blocking this?

Tons of questions because I want to understand this behavior. Thanks!


The Windows Filtering Platform has blocked a packet.

Application Information:
      Process ID:            4
      Application Name:      System

Network Information:
      Direction:            Inbound
      Source Address:  
      Source Port:            138
      Destination Address:
      Destination Port:            138
      Protocol:            17

Filter Information:
      Filter Run-Time ID:      635422
      Layer Name:            Receive/Accept
      Layer Run-Time ID:      44
We have a cloud based firewall provided by our MPLS provider. They recently moved from Cisco to Fortinet. We are given access through a web dashboard.

I knew how to to this with the cisco but not the fortinet. I'm trying to create a rule/policy where i can group a few internal IP's together where they go out and use the same external static IP.

Was just wondering, what logging you enable on your ASA? I ma not sure what to send to my logging server.

Does anyone know how I can stop LFD from sending Failure emails for trusted processes? Do I need to 'whitelist' certain processes in CSF?
Mine is sending an email every minute or so, resulting in tens of thousands of useless emails (& using server time of course)

lfd on Suspicious process running under user postfix
Time:    Fri Dec  8 07:56:26 2017 -0800
PID:     23757 (Parent PID:12511)
Account: postfix
Uptime:  104 seconds


Command Line (often faked in exploits):
smtpd -n 25 -t inet -u -o stress=

Network connections by the process (if any):
tcp: ->

Files open by the process (if any):

Memory maps by the process (if any):
7f3a55962000-7f3a55971000 r-xp 00000000 103:01 11846418                  /usr/lib64/
7f3a55971000-7f3a55b70000 ---p 0000f000 103:01 11846418                  /usr/lib64/
7f3a55b70000-7f3a55b71000 r--p 0000e000 103:
etc etc etc
I use Trend Micro officescan ver 11 . I set up a scheduled job for log maintenance which deletes an old firewall record. The job is finished. the log size remains unchanged. I don't ideal how to check this job status.
We have uninstalled a series of apps and 2 apps, Comodo and Sql2016 didn't uninstall completely.  We use iObit Uninstaller and clicked all apps that we wanted to uninstalled, including  the 2 that wasn't successful done.  

Sql2016 is no longer in the Add/Remove programs but services are still active (How do we remove or uninstall these SQL 2016 services?).

Also, when we try uninstall individually Comodo, we can't, we get this message:

failed uninstall
How do we remove or uninstall partial Comodo?)
Having trouble with workstations running a new software program that uses a SQL DB on an SBS 2011 server (Medtech32 Medical Software.)
Disabling the Server's Firewall allows it to run on the workstations.  I've added the Firewall rules to the Server as stated by Medtech but it still doesn't connect.  Any ideas?
The ports as per their docs are:
TCP Port 3050  on internal LAN/WAN
UDP Port 300 on internal LAN/WAN

is there is any built in voice recorder for mot 4g plus or any recommended apps for this
please advise
We have users that don't have static IPs and need them to gain access to some servers. They do have DDNS with nutpile so wondering if those dns names could be used instead of a source IP.
Free Tool: Port Scanner
LVL 12
Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

how to share big audio video files with others
any free urls or sites for that?
pplease advise

I like to see folder structure in Details view rather than Large Icon Default which according to me is useless.
how to make Details view as default in windows 10 laptop.
Dear experts, we are testing pfSense firewall but could not access it via LAN network on a PC. This is our diagram:
ISP ------------- pfSense ---------------- Core switch 3750 ---------- PC

with this diagram, we could ping and access pfSense via web browser :
ISP -------------- pfSense -------------- PC

So I guess something wrong with the core switch and vlan setup, but we could not find why. In switch 3750, the interface connected to pfSense has access mode, vlan 100 - the same with pfSense LAN interface.

Could you please suggest?

in moto 4g plus how to modify dial tone. please advise

i am using google photos nd flickr to back up my photos and videos.

how to sync up photos from google photos to flickr and flickr to google photos

how to sync up my andorid moto 4g plus to sync up my photos to both google photos and flickr when i click any picture automatically.
i do not want watsup pictures to sync though how to avoid that
please advise
In a firewall like Palo Alto Networks you can see what traffic has been allowed or denied by source ip, destination ip, protocol, actions etc. How can I see what's being dropped on a particular VPC?

Software Firewalls





Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.

Top Experts In
Software Firewalls