Firewall: Difference between revisions
Revision as of 10:05, 5 October 2005
A common free firewall for Windows that blocks all of your ports is ZoneAlarm.
If you're using a Unix-based operating system, I recommend a firewall such as pf. My recommended process for installing a firewall is:
- Block all by default
- Allow rules only as required
For example, once you have blocked everything by default, the first thing you will probably want to do is resolve DNS. Start a packet sniffer (tcpdump, ethereal, snoop) and watch the packets trying to leave and come in. In another window, type "host yashy.com" to try to resolve my DNS. As you should see, you need to allow port 53, but was that TCP or UDP? Don't just allow the port; restrict the rule to the protocol as well. Once you have modified your firewall ruleset so that "host yashy.com" actually resolves and returns an IP, try to use your browser to get there. As you will see, you now need to create a TCP rule for outbound port 80. Continue this way and eventually you'll have a very decent firewall.
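The sniff-then-allow loop described above can be scripted. The following is an added example, not part of the original page: it reads `tcpdump -n` style lines, works out which protocol and destination port the local host tried to reach, and prints a default-deny pf ruleset with one outbound rule per pair. The capture lines, the local address 192.168.1.10 and the function names are constructed for illustration.

```python
import re

# Constructed sample of `tcpdump -n` output (not captured from a real host):
# a DNS lookup for yashy.com followed by a browser connection attempt.
SAMPLE = """\
10:05:01.100000 IP 192.168.1.10.51234 > 192.168.1.1.53: 4660+ A? yashy.com. (27)
10:05:06.100000 IP 192.168.1.10.51234 > 192.168.1.1.53: 4660+ A? yashy.com. (27)
10:05:20.200000 IP 192.168.1.10.40112 > 203.0.113.7.80: Flags [S], seq 1000, win 65535, length 0
10:05:23.200000 IP 192.168.1.10.40112 > 203.0.113.7.80: Flags [S], seq 1000, win 65535, length 0
10:05:30.300000 IP 203.0.113.7.80 > 192.168.1.10.40112: Flags [S.], seq 5, ack 1001, win 65535, length 0
10:05:31.000000 ARP, Request who-has 192.168.1.1 tell 192.168.1.10, length 28
"""

LINE = re.compile(r"IP (\d+\.\d+\.\d+\.\d+)\.(\d+) > (\d+\.\d+\.\d+\.\d+)\.(\d+): (.*)")

def needed_rules(capture, local_ip):
    """Return sorted (proto, dst_port) pairs for UDP datagrams and TCP SYNs sent by local_ip."""
    needed = set()
    for line in capture.splitlines():
        m = LINE.search(line)
        if not m or m.group(1) != local_ip:
            continue  # non-IP, port-less (e.g. ICMP), or inbound packet
        rest = m.group(5)
        if rest.startswith("Flags ["):
            # TCP: only a bare SYN opens a new connection
            if rest.startswith("Flags [S],"):
                needed.add(("tcp", int(m.group(4))))
        else:
            # Assumption: tcpdump prints "Flags [...]" for TCP only, so a
            # port-bearing IP line without it is treated as UDP.
            needed.add(("udp", int(m.group(4))))
    return sorted(needed)

def pf_rules(pairs):
    """Render a default-deny pf ruleset with one outbound pass rule per pair."""
    rules = ["block all"]
    for proto, port in pairs:
        rules.append(f"pass out proto {proto} from any to any port {port} keep state")
    return rules

if __name__ == "__main__":
    print("\n".join(pf_rules(needed_rules(SAMPLE, "192.168.1.10"))))
```

Review each generated rule before loading it; the script only reports what the host attempted, not whether that traffic should be allowed.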