What I miss from version 2.4.x is the nice logging in the firewall log; normally there is nothing in the log of versions 3.0 and 3.5. I had to disable ‘This computer is a Internet gateway’ to get logs of blocked IPs, but shouldn’t ‘Stealth Ports Wizard’ take care of my computer not being visible? Blocking IPs, I think, makes my PC visible? Isn’t making the option ‘This computer is a Internet gateway’ a default dangerous? Didn’t the blocked IPs have free access to my PC or the Internet through me? These questions lead me to ask you to please explain how the following features behave under the mentioned circumstances:
- ‘This computer is a Internet gateway’ option.
- ‘Stealth Ports Wizard’.
What I expect from CIS 3.5 is:
- That Stealth Ports actually makes me invisible and that the blocking of IPs does not make me visible.
- To get to know what the ‘This computer is a Internet gateway’ option actually does and why it is on by default.
- Not being DCOM attacked anymore from 190.186.20.xxx:135 or any other IP. I have added this range as a zone and added it to ‘Blocked Zones’. After I disabled the ‘This computer is a Internet gateway’ option I got the IPs blocked in that range, as it shows in the above image; that is why I say enabling this feature by default is dangerous. But anyway, shouldn’t the CIS Firewall stop any attacks no matter if the mentioned option is on/off? Why when I enabled it
Shot at 2009-02-04
Defense+ is in ‘Clean PC’, Firewall in ‘Safe Mode’ and Config in ‘Proactive Security’
Note: I’m attaching my exported config. I have Windows Firewall disabled (does it really matter? It is full of holes; it is like the Bush of Firewalls and CIS 3.5 is Obama).
And I think this is the philosophy of Stealth Ports Wizard and it is not being done:
Shot at 2009-02-05