March 26th, 2004, 02:05 AM
Windows Firewall Elegance
Does anyone know of a firewall for Windows 2k that will spare me the GUI nonsense? I've tried Norton Personal Firewall, ZoneAlarm, and Outpost. They all work, but I don't like them... they're too user-friendly, if you get my meaning. I just like iptables' nice simple way of doing it. Is there a firewall out there that I can invoke and configure from the cmd.exe prompt? On Linux, if I want to change my firewall rules it's just a few lines, or one of my premade scripts for common situations, and I know EXACTLY what's going on. If I wanted to I could hack up a C script and use netfilter to do just about anything. Is there any Windows firewall that will give me anything like this degree of control? Preferably with command line control. I may just need to upgrade to XP and use netsh etc...
Just another rant, like the one about the URG flag yesterday. Thanks for any help you can provide.
March 26th, 2004, 03:21 AM
That would be a dream come true...
Real security doesn't come with an installer.
March 26th, 2004, 03:59 AM
March 26th, 2004, 04:37 AM
March 26th, 2004, 02:02 PM
Wow Tedob1, I didn't realize IPSec could do that. I got frustrated years ago when all it would talk about was Kerberos authentication, tunnelling and other stuff I didn't care about. It's a frightfully over-complex GUI part. I actually found the ways to create "Filters" and "Filter actions" and apply them to "Policies" with the GUI today, now that I know it can be done. Microsoft made it way, way too complicated. I need to play with XP's ICF and see if it's so bad. IPSecPol.exe, however, seems reasonably simple. As it states on the Microsoft download page, it's rudimentary at best, but that's better than nothing. No stateful options other than the apparently default NEW. Forget about checking flags and such, that's a laugh for IPSec apparently. The advanced functionality in IPSec is reserved for secure authentication. I'll let you be the judge on how useful MS's implementation of that is... Either way, it's Windows 2000 basic firewalling on the command line!
Now I can wield the puny power of win2k IPSec. Something I never thought I wanted to do.
Thanks a lot, I think I have my answer,
March 26th, 2004, 03:56 PM
Oops, seems I jumped the gun assuming NEW was default... I'm not sure IPSec is stateful at all... Blocking an inbound packet with IPSec is blocking an inbound packet, not blocking a NEW inbound connection. It's still not too bad for a little tool to do basic port filtering. If you block all ports using options as close to NEW inbound connection as you can, you've really blocked all inbound packets... suck. So much for a default block rule. I don't intend to predict what source port Mozilla, iTunes, Yahoo Messenger, LiveUpdate, and whatever else I use will select on startup. That's too inconvenient when IPSec could have just been built to recognize a frickin SYN packet. So now I have to make a rule to only block ports 53, 88, 135, 139, 389, 445, 464, 593, 636, 1026, 1029, 3268, 3269, 5101. Don't ask me what half of them do. I know no more than nmap tells me. That's why I want them blocked. There are some things I like to go wonderfully in depth on, and some things I just don't care about. Despite what I thought when I set up the box, the intricacies of win2k advanced server are one of the latter; they're boring.
But I got what I asked for, Cheers,
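
The stateless-versus-SYN-aware distinction discussed in the last post, as an added example that is not part of the original thread: a small Python model comparing a stateless block-all rule, the stateless port list from the post, and a filter that drops only inbound connection attempts. The packet fields, function names and sample packets are constructed for illustration, and the model assumes filters match on inbound destination port only.

```python
# Added illustration: three inbound-filter policies over constructed packets.
from collections import namedtuple

# Constructed packet model: only the fields the policies look at.
Packet = namedtuple("Packet", "src_port dst_port syn ack")

# Port list taken from the post above.
BLOCKED_PORTS = {53, 88, 135, 139, 389, 445, 464, 593, 636,
                 1026, 1029, 3268, 3269, 5101}

def stateless_block_all(pkt):
    """Drop every inbound packet: replies to our own connections die too."""
    return False

def stateless_block_ports(pkt):
    """Drop inbound packets whose destination port is on the list."""
    return pkt.dst_port not in BLOCKED_PORTS

def syn_aware(pkt):
    """Drop only inbound connection attempts (SYN set, ACK clear)."""
    return not (pkt.syn and not pkt.ack)

def evaluate(policy, packets):
    """Return {label: allowed?} for each labelled inbound packet."""
    return {label: policy(pkt) for label, pkt in packets.items()}

# Constructed inbound traffic as seen by the Windows 2000 host.
INBOUND = {
    # Remote host opening a connection to the SMB port.
    "new_conn_to_445": Packet(40000, 445, syn=True, ack=False),
    # Web server answering our browser, which used local port 2345.
    "reply_to_local_2345": Packet(80, 2345, syn=True, ack=True),
    # Same reply, but the client's ephemeral port happened to be 1026.
    "reply_to_local_1026": Packet(80, 1026, syn=True, ack=True),
    # Remote host opening a connection to a port not on the list.
    "new_conn_to_8080": Packet(40001, 8080, syn=True, ack=False),
}

if __name__ == "__main__":
    for policy in (stateless_block_all, stateless_block_ports, syn_aware):
        print(policy.__name__, evaluate(policy, INBOUND))
```

Ports 1026, 1029, 3268 and 3269 on the list sit inside Windows 2000's default ephemeral range (1025-5000), so under the port-list policy a reply to one of the host's own outbound connections is dropped whenever the client side picked one of those ports, and any listening port not on the list stays reachable.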