Chuck skrev:
Thanks for the update. But don't stop there - find out how to configure Windows
Firewall, and use it. It's there for a purpose.
Yes, but why in my case? In Freesco the firewall is absolutely excellent. All (almost) ports
are completely blocked.
Specially port 445 which is giving problems last day with Zotob worm for example!
This is the firewall settings in my Freesco:
IP firewall input rules, default policy: deny
type prot source destination ports
acc all anywhere anywhere n/a
deny icmp anywhere 81.233.214.255 any
acc all anywhere 255.255.255.0 n/a
acc all anywhere anywhere n/a
acc all anywhere 255.255.255.0 n/a
acc all anywhere anywhere n/a
deny icmp anywhere anywhere any
deny tcp anywhere anywhere any -> ftp-data
deny tcp anywhere anywhere any -> ftp
deny tcp anywhere anywhere any -> 22
deny tcp anywhere anywhere any -> telnet
deny tcp anywhere anywhere any -> smtp
deny tcp anywhere anywhere any -> domain
deny tcp anywhere anywhere any -> 59
deny tcp anywhere anywhere any -> finger
deny tcp anywhere anywhere any -> http
deny tcp anywhere anywhere any -> pop-3
deny tcp anywhere anywhere any -> auth
deny tcp anywhere anywhere any -> netbios-ssn
deny tcp anywhere anywhere any -> 443
deny tcp anywhere anywhere any -> 445
deny tcp anywhere anywhere any -> 1080
deny tcp anywhere anywhere any -> 8080
deny tcp anywhere anywhere any -> 51537
deny tcp anywhere anywhere any -> 48724
acc tcp resolver1-g-fo.skanova.com anywhere domain -> any
acc tcp resolver2-g-fo.skanova.com anywhere domain -> any
acc tcp resolver3-g-fo.skanova.com anywhere domain -> any
deny tcp anywhere anywhere any -> domain
deny tcp anywhere anywhere any -> printer
deny tcp anywhere anywhere any -> 82
deny tcp anywhere anywhere any -> shell
deny udp anywhere anywhere any -> 20
deny udp anywhere anywhere any -> 21
deny udp anywhere anywhere any -> 22
deny udp anywhere anywhere any -> 23
deny udp anywhere anywhere any -> 25
deny udp anywhere anywhere any -> domain
deny udp anywhere anywhere any -> 59
deny udp anywhere anywhere any -> 79
deny udp anywhere anywhere any -> 80
deny udp anywhere anywhere any -> 110
deny udp anywhere anywhere any -> 113
deny udp anywhere anywhere any -> 139
deny udp anywhere anywhere any -> 443
deny udp anywhere anywhere any -> 445
deny udp anywhere anywhere any -> 1080
deny udp anywhere anywhere any -> 8080
deny udp anywhere anywhere any -> 51537
deny udp anywhere anywhere any -> 48724
acc udp resolver1-g-fo.skanova.com anywhere domain -> any
acc udp resolver2-g-fo.skanova.com anywhere domain -> any
acc udp resolver3-g-fo.skanova.com anywhere domain -> any
deny udp anywhere anywhere any -> domain
deny udp anywhere anywhere any -> 515
deny udp anywhere anywhere any -> 82
deny udp anywhere anywhere any -> syslog
deny all anywhere 192.168.1.0/24 n/a
deny all 192.168.1.0/24 anywhere n/a
deny all anywhere 192.168.1.0/24 n/a
deny all anywhere 192.168.2.0/24 n/a
deny all 192.168.2.0/24 anywhere n/a
deny all anywhere 192.168.2.0/24 n/a
acc all anywhere anywhere n/a
Do you think that I can be better off with XP-firewall also?
I don't see that Windows Firewall is so configurable as I would like it to be.
I could not find any way to make an exeption for my internal net there.
So, it will be switched off.
Ralph