Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Why your firewall will kill you

    Scheduled Pinned Locked Moved
    Off-Topic & Non-Support Discussion
    5
    7
    523
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • AndyRHA
      AndyRH
      last edited by

      I found this to be interesting. It is a short read.

      https://isc.sans.edu/diary/Why+Your+Firewall+Will+Kill+You/30714/?is=55349e6df1ae7d0eb1f5f3ef0a11b2b29cccb62b3a13d647441b48fa18c8f5d6

      o||||o
      7100-1u

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        Never open your admin interface on the WAN to any source address. Anyone doing that should expect to see continuous exploit attempts IMO.

        Steve

        M 1 Reply Last reply Reply Quote 5
        • M
          mer @stephenw10
          last edited by

          @stephenw10 said in Why your firewall will kill you:

          Never open your admin interface on the WAN to any source address. Anyone doing that should expect to see continuous exploit attempts IMO.

          Steve

          Funny, to me it would be common sense covered by the "don't expose anything to the internet that you don't want exploited".

          johnpozJ 1 Reply Last reply Reply Quote 1
          • johnpozJ
            johnpoz LAYER 8 Global Moderator @mer
            last edited by

            @mer said in Why your firewall will kill you:

            to me it would be common sense

            The thing with sense, is its not as common as you would think ;)

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.03 | Lab VMs 2.7.2, 24.03

            1 Reply Last reply Reply Quote 3
            • AndyRHA
              AndyRH
              last edited by

              The part that I found interesting is the active scanning and the low amount of time to be discovered. It makes sense the bad guys are scanning, it just did not occur to me the time to discovery.

              o||||o
              7100-1u

              1 Reply Last reply Reply Quote 1
              • stephenw10S
                stephenw10 Netgate Administrator
                last edited by

                To be honest I was surprised it took a month!

                1 Reply Last reply Reply Quote 1
                • ingridguerci94I
                  ingridguerci94
                  last edited by

                  UAC was supposed to protect against that. But people kept complaining about annoying prompts so Windows made the default security level for never OSes "medium" which doesn't ask about built-in programs running with Admin priviledges,

                  Instead they now use safe screen stuff that looks a program trying to run on up on the internet to determine if it should display an additional prompt.

                  Basically just turn UAC to high first thing on a new PC and never have an issue like the one displayed.

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post