|
-
September 3rd, 2004, 08:18 AM
#7
i was wondering how i can restrict and secure my box virtually completely
Short answer, you can’t. ( I know, lock it in a safe, forget the combination, never connect to the Internet or any other computer, etc., etc., etc. ... )
Remember the term, you will see it here and elsewhere very frequently; “ layered security”.
But to get to what I assume you meant, Tedob1 has directed you appropriately. A “router/firewall” would add a layer between you and the Internet. The Internet would see the router but not your user computer. The firewall rules on the router would determine what got through to your user computer ( basically you want to deny everything that did not originate from your user computer ).
Next you would put a firewall on the computer in question ( another layer ). This hopefully would protect you should your router be compromised. You already stated you are familiar with shutting down the unnecessary services ( another layer ) so it seems not to be an issue.
Now,
and another question is what ports do you recommend to close either, temporarily and only for xx program, or closed permanently.??
That is really going to depend on what the computer is used for. Basically, close ALL ports, and open them only as needed.
On the router end, AFAIK, most of these are now using a “stateful firewall” which means it will track what your user computer is requesting and only allow returns of those requests made by your user computer. The firewall may then forward a request on say, port 5000, because your computer requested a connection to a service which returned the request on that port. Your user computer would then have to open that port to continue the connection.
On the user computer, ( for a Windows box ) I have no experience with Sygate Personal Firewal . But I believe that the Trend Micro PC-cillin Internet Security anti-virus also includes a firewall that allows the user to control port access.
rijilv siad
Hardware/Firewall is nice, but not as flexible as you may want it to be further down the line.
Could you explain this a little more?? Why are they not flexible?
" And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote