22 Jul
2004
22 Jul
'04
2:42 p.m.
Eric Dondelinger wrote:
How can a normal firewall not be configured to do
exactly the same?
Maybe most people configure their firewall to regulate incoming
traffic only, but I have a couple not-so-small thingies here that
*do* filter outbound traffic too.
Also, filtering 135-139 should be standard (in more serious setups
anyway) - even many ISPs actually do this. Thanks MS for another of
those huge security holes...
It *is* standard. I purchased small routers from D-Link for my parents
and my girlfriend's parents. The routers do include a firewall
(configurable with a web-browser). There were factory default rules one
could change/delete. The default rules block all incoming traffic and
all 135-139 outgoing traffic. I added rules which only allow outgoing
port 25 traffic to the mailprovider's IP address. I did this because I
read about zombie PCs at that time and I wanted to prevent this misuse
absolutely ;-)
This is nothing new. Maybe the reverse firewalls are not configurable,
so that you can not remove the rules. Hackers will of course use
hackable routers, so there will be no protection on this level.
Will provider level blocking (like Coditel) not do the same thing than a
reverse firewall?
Just wondering...
Greetings, Patrick Kaell