hi Toggie,sir pls take a look,I don’t know what these firewall events they are,my web & pc are fine.my CIS is configured for maxi,according to FaZio93.thanks in advantage.
P.S.:these fireall events appeared with the last CIS version,3.9.9…509.
Please create the following GLOBAL rules to remove these alerts from the firewall logging.
Source Port Any
Destination Port 1900
Source Ip Mask 220.127.116.11 / Mask 255.0.0.0
Source Port 68
Destination Single IP 255.255.255.255
Destination Port 67
Source Port Any
Destination Port 445
That should result in less logging of the firewall traffic.
Place then near the Global rule you created for UDP 137/138
hello,Mr.Ronny.i did the rules,placed them near the rule 67-68 and it seems it works,i.e.the numbers of those intrusion attempts decreased dramatically.thanks a lot for your concerning for me;i write to Toggie becase my shame to writte again and again to you.i please one more thing:take a look and tell me wich is my IP? my pc tells one number,CIS tells another number.again,I thank you!
If you wish to block all of your NetBIOS ports you may wish to block TCP IN Port 139.
The two Zones you can see are:
127… Loopback (generally needed)
169… This is a default network IP address space. If you have more than one PC on a home lan and the addresses you use for your PC’s do dot fall within this range, you may have to create another zone.
If you only have a single PC you can leave it or remove it…
Your IP Address is shown in your last picture 89.36…
hi every one.DonZ,i have no router anymore,i’m directly connected to web,LAN. Toggie,pls teach me how to make that rule you’re speaking about,since i’m newly in pc.that rule of yours block all NETBIOS ?is it affect my web speed? pls post what should i do to do,of course if you will.thanks a lot.
It’s absolutely no problem to ask me, if i have no time i will let you know
So don’t feel ashamed there is no need to.
There is one thing that we have to fix and that is your DHCP settings.
Your Ip address is assigned over the network from your Provider based on DHCP, the current global rules prevent your PC from communicating with the DHCP server.
Find the ip address of the DHCP server using the following commands, open a command-box (start, run, cmd) and press enter now type
And find the line that says DHCP Server…: 83.x.y.z
Can you then please create the following global rule ?
Destination Address: 255.255.255.255
Source Port: A Single Port 67
Destination Port: A Single Port 68
And make it the nr 1 rule in the global rules all the way on top.
More information on Global rules and DHCP can be found here