Security vs services
Results 1 to 5 of 5

Thread: Security vs services

  1. #1
    Banned
    Join Date
    Sep 2001
    Posts
    68

    Question Security vs services

    Ok, I'm running Tiny Personal Firewall on windows 98 SE, and have it set to ask if there isn't a rule already set.
    My rules are as follows:

    Dial-Up Networking Application | UDP/TCP (Both ways) | Local 137-139 | Blocked
    Microsoft Internet Explorer | UDP (Both) | Remote 53 | Allowed
    Microsoft Internet Explorer | TCP (Out) | Remote 80 | Allowed
    Microsoft Internet Explorer | TCP (Out) | Remote 443 | Allowed (Hotmail via MSN IM related iirc)
    Microsoft Internet Explorer | UDP (Out) | IP 127.0.0.1 | Allowed (Norton AV pop3 related iirc)
    Tiny Personal Firewall Console | UDP (Both) | Remote 53 | Allowed
    Tiny Personal Firewall Engine | UDP (Both) | Remote 53 | Allowed
    Messenger | UDP (Both) | Remote 53 | Allowed
    Messenger | TCP (Out) | Any | Allowed
    Messenger | UDP (Out) | IP 127.0.0.1 | Allowed
    Outgoing ICMP | ICMP (Out) | IP 224.0.0.2 | Blocked
    WS_FTP 95 | UDP (Both) | Remote 53 | Allowed
    WS_FTP 95 | TCP (Both) | Remote 21 | Allowed

    I often remove most rules and check that something's still trying to use them, before blocking them again, hense the few blocked ports atm

    My question is: Would blocking the things I have/haven't, such things as ICMP (Pings?), have a major effect on how my connection works as a whole? Will it slow performance on my 56K, or prevent useless data flowing?

  2. #2
    Senior Member
    Join Date
    Nov 2001
    Location
    Ireland
    Posts
    735
    Why would you block pings?

  3. #3
    Senior Member
    Join Date
    Apr 2002
    Posts
    889
    Not real up on Tiny firewall but the anser is no blocking pings will not slow anything down for you. I allowing outgoing and see a response but do not allow a ping into the system. Why block a ping? Well ping of death is where it started with me, and the second is no reason for anyone to want to ping my system want to test then ping M$
    I believe that one of the characteristics of the human race - possibly the one that is primarily responsible for its course of evolution - is that it has grown by creatively responding to failure.- Glen Seaborg

  4. #4
    Senior Member
    Join Date
    Jan 2002
    Posts
    458
    I have to agree with Palemoon.

    Blocking ICMP by itself wouldn't do anything to performance. I routinely block PING from outside my network because why does someone else need to ping me. You could just allow it outbound so that you can still ping others to test connectivty. My philosophy is if you don't specifically need, get rid of it.

  5. #5
    Banned
    Join Date
    Sep 2001
    Posts
    68

    Thumbs up M'kay

    I allowing outgoing and see a response but do not allow a ping into the system.
    You're doing that with a rule? I don't think I can do that with Tiny. I could manually allow each attempt, or allow all outbound and then decided to allow inbound (but not know that there was an outbound to start with )
    What firewall and OS are you using?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides