Is the default ruleset any good?

Hiya,
I haven’t had much time to work myself into the depth of v3. So it might be that I could’ve answered my question myself if I’d taken a little more time (which I don’t have) getting to know the new version.
I’ll, however, ask:
I’ve just realised that the only global rules that exist by default are:
“allow all outgoing requests” and “block all incoming requests”.
Doesn’t the “allow rule” permit any programme to phone home and thus undermine CFP’s excellent anti-leakage abilities?
The default rules in v2.4 seemed to be a lot more secure.
But then again, I didn’t really have the time to see how the hierarchy among different rules and rule-sets is built etc.
Any suggestions would be highly appreciated.
Cheers,
grampa.

Basically the ALLOW ALL OUT IP default rule actually allows more out than the ver. 2.4 rules. What you could do is change the protocol in that rule to TCP and UDP from IP and that would stop anything but those 2 protocols from going out. If you needed ICMP or GRE (VPN or secure ISP connection) to go out or in for that matter, then just write a specific rule for the type of protocol that you need and you would be good to go. You would still need to set up a Trusted Zone for your network, though.

You would also have Defense+ monitoring traffic for anything fishy going on.

jasper
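
The rule change suggested in the reply above, as an added example that is not part of the original thread and not the firewall's own code. It is a simplified model: top-down first-match evaluation, unmatched traffic treated as blocked, and all rule and function names are assumptions made for illustration.

```python
# Simplified model of a global ruleset (assumption: top-down, first match wins).
# Not the firewall's actual engine. Numbers are IANA IP protocol numbers.
from dataclasses import dataclass

PROTO = {"ICMP": 1, "TCP": 6, "UDP": 17, "GRE": 47}


@dataclass(frozen=True)
class Rule:
    action: str           # "allow" or "block"
    direction: str        # "out" or "in"
    protocols: frozenset  # IP protocol numbers; empty means "IP" (any protocol)

    def matches(self, direction, proto):
        return direction == self.direction and (
            not self.protocols or proto in self.protocols)


def rule(action, direction, *protos):
    """Build a rule; with no protocol names it matches every IP protocol."""
    return Rule(action, direction, frozenset(PROTO[p] for p in protos))


def decide(ruleset, direction, proto, default="block"):
    """Action of the first matching rule. Unmatched traffic gets `default`,
    assumed here to be "block" as the reply describes."""
    for r in ruleset:
        if r.matches(direction, proto):
            return r.action
    return default


# The two default global rules named in the question.
DEFAULT_V3 = [rule("allow", "out"), rule("block", "in")]
# The reply's suggestion: narrow the outgoing rule from IP to TCP and UDP.
TCP_UDP_ONLY = [rule("allow", "out", "TCP", "UDP"), rule("block", "in")]
# A specific rule pair for GRE (VPN), placed above the general rules.
WITH_VPN = [rule("allow", "out", "GRE"), rule("allow", "in", "GRE")] + TCP_UDP_ONLY


def outbound_report(ruleset):
    """Decision for one outgoing packet of each modelled protocol."""
    return {name: decide(ruleset, "out", num) for name, num in PROTO.items()}


if __name__ == "__main__":
    for label, rs in [("default", DEFAULT_V3), ("tcp/udp only", TCP_UDP_ONLY),
                      ("plus GRE", WITH_VPN)]:
        print(f"{label:13}", outbound_report(rs))
```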

Hey jasper,
thanks for the quick and illuminating reply. However, I’ll first have to read myself into protocols as I have no knowledge on that front whatsoever. Then I’ll certainly try out your suggestions.
Cheers,
grampa.

When you are ready just give us a yell and someone will be glad to help you if you are unsure of anything.

jasper

Cheers m8!

Grampa, I’m going to assume your OS is 32-bit and this question is directed at version 3, so I placed your thread here now. If it’s 64-bit I’ll move it to the other one.

Yes, it’s 32-bit (XP Home SP2).
Thanks for moving it.
Cheers,
grampa.