TechSpot

two suggested rules for your firewall

By jobeard
Jun 6, 2006
  1. IF you have more than one system AND you are behind a router with NAT,
    then ipconfig /all will show your IP address in the 192.168.*.*, 10.*.*.*, or 172.16.*.* range [r].

    Under these conditions, there are two firewall rules to speed up the firewall processing
    and assist in allowing your LAN systems easy access to one another.

    1) allow tcp/udp in/out from/to 127.0.0.1
       These references are already confined to the local system, and there is no need to be concerned.
    2) allow tcp/udp in/out from/to [r] (from the above)
       All of these are on your local LAN and under your control already.

    Move both of these to the TOP of the rule list.
     
  2. Nodsu

    #2 means that once one of your systems is compromised or when a guest/intruder system connects to your LAN, this computer is doomed too.
     
  3. jobeard

    As is true for all commercial infrastructures. There's no simple,
    one rule fits all. This is also why security must be layered with multiple approaches.
     
Topic Status:
Not open for further replies.
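
An added example, not part of the original thread: a small first-match rule evaluator showing that the two allow rules from the first post, once moved to the top, decide every loopback and LAN connection before any later rule is consulted, which is the exposure the second post describes. The 192.168.0.0/16 value for [r], the later tcp/445 deny rule and the sample addresses are constructed assumptions.

```python
import ipaddress

# Constructed rule list: (action, source network, destination port or None for any).
# Rules 0 and 1 are the two rules from the first post, placed at the top.
RULES = [
    ("allow", ipaddress.ip_network("127.0.0.1/32"), None),    # rule 1: loopback
    ("allow", ipaddress.ip_network("192.168.0.0/16"), None),  # rule 2: [r], assumed range
    ("deny", ipaddress.ip_network("0.0.0.0/0"), 445),         # hypothetical later rule
]


def evaluate(rules, src_ip, dst_port, default="deny"):
    """First-match evaluation: return (action, index of the rule that decided)."""
    src = ipaddress.ip_address(src_ip)
    for index, (action, network, port) in enumerate(rules):
        if src in network and (port is None or port == dst_port):
            return action, index
    return default, None


def overridden(rules):
    """List (later, earlier) index pairs where an earlier rule with the opposite
    action wins for at least part of the later rule's traffic."""
    pairs = []
    for later, (l_action, l_net, l_port) in enumerate(rules):
        for earlier in range(later):
            e_action, e_net, e_port = rules[earlier]
            covers_port = e_port is None or e_port == l_port
            if e_action != l_action and covers_port and e_net.overlaps(l_net):
                pairs.append((later, earlier))
    return pairs


if __name__ == "__main__":
    # Constructed sources: a LAN host (for example a guest machine) and an outside host.
    for src in ("192.168.1.50", "203.0.113.7"):
        print(src, "-> tcp/445:", evaluate(RULES, src, 445))
    print("later rules overridden by earlier ones:", overridden(RULES))
```
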
