Can anyone tell me what the current default settings are for the firewall global rules in proactive mode are? and are there any “must haves” that should be added. thanks
The default Global rules can be seen in image 1 below. Any changes you make will depend on your environment and your specific requirements. For example:
If you are part of a LAN and need to share files and printers, you can run the Firewall/Stealth Ports Wizard with the first option:
Define a new trusted network and make my ports stealth for everyone else
This will change the Global rules to those seen in image 2
If you’re not behind a router and you want to ‘stealth’ yourself, also run Firewall/Stealth Ports Wizard option 3:
Block all incoming connections and make my ports stealth for everyone
The result can be seen in image 3 (this also includes the previous option) Making this change, however, will require you to open ports for any server service you may run, such as p2p programs, RDP, web/ftp servers etc. To open the appropriate ports you would create inbound rules above the last block rule.
[attachment deleted by admin]
I used the Stealth ports wizard and selected option 3: block all incoming connections and make my ports stealth for everyone on both my computers and have the following global rules:
allow IP out from MAC any to MAC any where protocol is any
allow ICMP in from MAC any to MAC any where ICMP message is fragmentation needed
allow ICMP in from MAC any to MAC any where ICMP message is time exceeded
block IP from MAC any to MAC any where protocol is any.
Forgot to mention I am using a university network.
Just wondering if the above settings were “correct” since they are so different from the given default settings.
The default Global rules for the Proactive security configuration are shown in the first image I posted above. When you run Stealth Ports Wizard with the third option the result is what you’ve posted. In my earlier post I said the third image was the result of running both options 1 and 3, hence the difference.