Hi!
I have a few ports closed. Is there a way to open a few others at the same time, because fw is blocking them? Why, I don't know. As I understand it, WI only allows setting all not specified to either accept or drop.
THX bop
You should redefine the strategy to use on your firewall.
The most common and secure strategy is to close all ports (drop packets) and open those that are to be used by local applications only.
Hmmm. All are open (except a few) but fw is still trashing them like crazy. How do I persuade it not to do that?
Closing all results in chaos and requires hours to spend (+ port range is not range any more thankyouverymuch).
Shouldn't machines serve us, not vice versa? Considering we only live 70-80 years at best...
So no easy solution?
THX bop
It seems that you have misunderstood the firewall concept. Dealing with security, which is the main reason for having a firewall, could turn into a nightmare if you do not know how to deal with it.
Asus has developed one of the most realistic firewalls I have seen so far when talking about home-users firewalls and that means complexity. If you were looking for wireless, this is not your solution; a simple access point without extra functionality would be enough. If you were looking for security, you have either the choice of getting a less sophisticated firewall or trying to learn more of this matter.
It is important to know what "DMZ" is for, when "port triggering" can be used, how packets flow through the 3 segments that can be defined within a firewall, how to redirect traffic that comes into the router to a target host within our LAN, when port translation is more suitable than "port triggering", etc. Without knowing about this it could be a bit difficult to get your firewall to act in the way you want.
I really encourage you to learn more of this matter since, as you have said, we have 70-80 years at best to learn new things!
Most of the times we are not at the expense of the machines, most of the times we are at the expense of our knowledge.
I need security.
Problem solved (for now) - restarting sometimes messes with port forwarding - entries get lost, quadrupled, new entries appear,... Sometimes. Posted a Q about it but no one answered.
BTW what I wanted to say was - the whole concept of tools was lost at the very beginning. Seems like a work of a very smart child - high IQ and everything else 0. I can not explain otherwise why millions of people spend trillions of hours just to make a tool work. Bizarre. Or maybe, as I learned through years, people complicate things they do not comprehend.
Anyway, although I work 12-16 hours a day I could/would/should learn a bit more about the tools. Which literature would you suggest?
THX bop