Samoa Posted September 15, 2003 Share Posted September 15, 2003 (edited) How does it work? You decide what to allow and deny. Simple as that. How do you know what to allow? That's the harder part. A properly configured software firewall is just as effective as a hardware firewall but is much more flexible for your use. Generally, you can go to certain sites for to aid in configuring your firewall. scan.sygate.com is one. Any site that has a sleath test works the same generally. Run the sleath test, deny and set the rule by checking a box. When the test is complete your firewall should be stealth. If not clear the settings, and start over. Next, go to dslreports.com (under security, port scan) and run their port scan similarly, your firewall will pop up. Again set the rule first then deny. You should pass the port scan. Lastly Microsoft has a patch for DCOM. Make cetain you get that. Closing port 135 I believe. Any other incoming just read where it is coming from and think about what you are attempting to do with you computer at the time. Generally, any un-initiated action on your part that brings your firewall message should be denied. This guide is by no means perfect. There will be critics, but this works 99%. Please feel free to suggest other means of configuring your software firewall if you have them. For hecklers, please offer a better way...to benefit others. Edited September 15, 2003 by Samoa Link to comment Share on other sites More sharing options...
Jon Posted September 15, 2003 Share Posted September 15, 2003 Hideously over simplified, but it'll work in most cases of casual target hunting. ;) Firewalls are not simple as you claim, and default rules created by personal firewalls in NO WAY relate to the kind of rules used on hardware machines. Personal firewalls effectively work by source/destination process. Hardware firewalls work almost soley on ip/port. People got hit by blaster because they didn't understand what they allowed / denyed. There is no simple way to fix this, personal firewalls are too complex for most home users, the sooner we accept that and move on to different solutions the better. Link to comment Share on other sites More sharing options...
Samoa Posted September 15, 2003 Author Share Posted September 15, 2003 Hideously over simplified, but it'll work in most cases of casual target hunting. ;)Firewalls are not simple as you claim, and default rules created by personal firewalls in NO WAY relate to the kind of rules used on hardware machines. Personal firewalls effectively work by source/destination process. Hardware firewalls work almost soley on ip/port. People got hit by blaster because they didn't understand what they allowed / denyed. There is no simple way to fix this, personal firewalls are too complex for most home users, the sooner we accept that and move on to different solutions the better. Generally yes people aren't sure of what to allow or deny. But that doesn't mean my guide would not work. It does work. Hardware firewalls are an alternative solution, which one could argue is better. But software firewalls are just as safe if properly configured. My guide shows how to go about generally protecting your software firewall. Thanks for your input. Link to comment Share on other sites More sharing options...
Samoa Posted September 15, 2003 Author Share Posted September 15, 2003 http://www.microsoft.com/technet/treeview/...in/MS03-039.asp Is the link to patch your DCOM from MS. Link to comment Share on other sites More sharing options...
Samoa Posted September 16, 2003 Author Share Posted September 16, 2003 http://www.microsoft.com/technet/treeview/...in/MS03-039.asp sorry first one doesn't work trying again...there we go. :) Link to comment Share on other sites More sharing options...
cbosdell Posted September 16, 2003 Share Posted September 16, 2003 thanks! Helped me patch up a few ports from attacks although my config was already pretty secure its even more so now :D Link to comment Share on other sites More sharing options...
dreamz Veteran Posted September 16, 2003 Veteran Share Posted September 16, 2003 thanks for the sites! i am stealthed! :ninja: Link to comment Share on other sites More sharing options...
Samoa Posted September 16, 2003 Author Share Posted September 16, 2003 No problem guys, glad you used it. That's why a posted it, to help other neowinians.. UPDATE: While at dslreports.com, you are doing the port scan first. After wards take time to do the slow scan as well, it takes a little time to load then run. When it's done you should have a score of -0. Similarly blocking that one or more pop ups. Link to comment Share on other sites More sharing options...
Recommended Posts