Search Results

Search found 3466 results on 139 pages for 'firewall traversal'.

Page 4/139 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12 | Next Page >

How do I know if my firewall is on?

- by paercebal

I installed Firestarter, and configured my firewall. But I'm in doubt : On boot, I sometimes see a [FAIL] marker, and to the left, I guess it was something like "start firewall". I can't be sure because the message is seen for less than a second, so I wanted to know if there is a way, without starting the whole firestarter software, to know if the firewall is on and working, or not. Either a gadget, or better, some console instruction, the exact name of the firewall process/daemon, or bash script, will do. Edit: I already tested my computer with the "Shield's Up" http://www.grc.com feature, which marks my computer as "Stealth", but as I am behind a router, I'm not surprised. Still, apparently, my computer answers to pings... Strange...

Read the article
How can I use smbclient to connect to Windows shares by hostname when a firewall is enabled?

- by skyblue

I can't connect to file shares on Windows computers using smbclient -L //hostname when the firewall is enabled. This occurs whether I'm using ufw (which allows outgoing traffic and replies back in with the default configuration) or iptables (where I'm allowing outgoing traffic and replies back in with iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT). However, smbclient -L //ip-address works whether the firewall is enabled or not. I also tested this against a Samba server running on Ubuntu and again smbclient -L //hostname does not work when the firewall is enabled, but smbclient -L //ip-address works whether the firewall is enabled or not. For reference, here are the iptables rules I used during testing: *filter :INPUT DROP [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -d 224.0.0.251/32 -p udp -m udp --dport 5353 -j ACCEPT COMMIT

Read the article
Is it possible to configure Ubuntu as a software firewall?

- by user3215

I have some systems running on Ubuntu in the private IP range 192.168.2.0-255 . These systems are connected to a switch and the switch is connected to the ISP's modem. Neither the switch nor the modem support firewall options. I don't have any firewall device and I'm not willing to individually configure firewalls on all the systems (via gui/iptables). Is it possible to make an Ubuntu system into something like a software firewall, so that all the traffic/packets sent to or from the WAN(internet) would be allowed/denied based on its firewall rules?

Read the article
UDP blocked by Windows XP Firewall when sending to local machine

- by user36367

I work for a software development company but the issue doesn't seem to be programming-related. Here is my setup: Windows XP Professional with Service Pack 3, all updated Program that sends UDP datagrams Program that receives UDP datagrams Windows Firewall set to allow inbound UDP datagrams on a specific port (Scope: Subnet) If I send a UDP datagram on any port to other, similar machines, it goes through. If I send the UDP datagram to the same computer running the program that sends (whether using broadcast, localhost IP or the specific IP of the machine), the receiver program gets nothing. I've traced the problem down to the Windows XP Firewall, as Windows 7 does not have this problem (and I do not wish to sully my hands with Vista). If the exception I create for that UDP port in the WinXP firewall is set for a Scope of Subnet the datagram is blocked, but if I set it to All Computers or specifically enter my network settings (192.168.2.161 or 192.168.2.0/255.255.255.0) it works fine. Using different UDP ports makes no difference. I've tried different programs to reproduce this problem (ServerTalk to send and either IP Port Spy or PortPeeker to receive) to make sure it's not our code that's the issue, and those programs' datagrams were blocked as well. Also, that computer only has one network interface, so there are no additional network weirdness. I receive my IP from a DHCP server, so this is a straightforward setup. Given that it doesn't happen in Windows 7 I must assume it's a defect in the Windows XP Firewall, but I'd think someone else would have encountered this problem before. Has anyone encountered anything like this? Any ideas?

Read the article
UDP blocked by Windows XP Firewall when sending to local machine

- by user36367

Hi there, I work for a software development company but the issue doesn't seem to be programming-related. Here is my setup: - Windows XP Professional with Service Pack 3, all updated - Program that sends UDP datagrams - Program that receives UDP datagrams - Windows Firewall set to allow inbound UDP datagrams on a specific port (Scope: Subnet) If I send a UDP datagram on any port to other, similar machines, it goes through. If I send the UDP datagram to the same computer running the program that sends (whether using broadcast, localhost IP or the specific IP of the machine), the receiver program gets nothing. I've traced the problem down to the Windows XP Firewall, as Windows 7 does not have this problem (and I do not wish to sully my hands with Vista). If the exception I create for that UDP port in the WinXP firewall is set for a Scope of Subnet the datagram is blocked, but if I set it to All Computers or specifically enter my network settings (192.168.2.161 or 192.168.2.0/255.255.255.0) it works fine. Using different UDP ports makes no difference. I've tried different programs to reproduce this problem (ServerTalk to send and either IP Port Spy or PortPeeker to receive) to make sure it's not our code that's the issue, and those programs' datagrams were blocked as well. Also, that computer only has one network interface, so there are no additional network weirdness. I receive my IP from a DHCP server, so this is a straightforward setup. Given that it doesn't happen in Windows 7 I must assume it's a defect in the Windows XP Firewall, but I'd think someone else would have encountered this problem before. Has anyone encountered anything like this? Any ideas? Thanks in advance!

Read the article
Win 7 firewall won't turn on, nor the McAfee firewall. Hit by "Win 7 Anti-virus 2012" trojan. Removed, but a downed firewall is a lasting legacy

- by PhxTitan

I caught the Trojan right away, I think, but both my McAfee & Win 7 (x64) firewalls are not able to be engaged/turned on now. MS Error Code 0x80070424 when attempting to turn on Win 7 firewall. No viruses. Swept it with McAfee AV, Malwarebytes Anti-Malware, Microsoft malware removal tools. Followed Microsoft's three courses of alternative actions they posted for instructions for getting the Win 7 firewall back up and on. Nothing. Same error code. The post just said see MS support if those fixes failed. So I removed McAfee altogether. Still Win 7 (professional version) firewall won't come on; and clean of detectable bugs. And I'm fully updated with MS Windows 7 updates as well, which is no longer automatic, that too a legacy of the trojan bug I think. Any thoughts on how to get the Win 7 firewall operational??? And auto updating reengaged?

Read the article
Thomson TCM 420 internal firewall deactivation

- by KB22

Hi all, I'm having a really hard time with getting a box into active torrent mode. Windows firewall etc. is done, the actual problem seems to relate to the cable modem which is used to connect the box to the net. It's a Thomson TCM 420 which 'claims' to have an internal firewall. IMHO this internal FW keeps me from using the port I opened for torrenting. To cut it short: is there a way to disable that firewall? The web administration interface of the modem does not provide that option. thanks in advance K

Read the article
Firewall Authentication - logon failed

- by RoseofPurple

I am attempting to use a Watchguard firebox 550e with Fireware XTM 11 to authenticate incoming traffic for RDP access. I have configured the firewall to use my domain controller for Active directory authentication with a Windows 2000 server farm and added a couple of user accounts to the users list in the firewall, but when I attempt to log onto the authentication page for the firewall, I get Logon failed. I know that the user names work and that the passwords are correct. I am also certain that I have told it to log on using Active Directory instead of the FireboxDB. I have tried using the username alone, the domain\username, and the email address. I believe that the Search base is correct (DC=mydomainname,DC=com), and I did not change any defaults for sAMAccountName (and I do not recall making any changes to those items when configuring the domain structure). Any assistance would be appreciated.

Read the article
Permission denied accessing windows firewall

- by Simon Sabin

It doesn't matter who I am logged in as I am getting the following error in the mmc console when I launch the firewall advanced settings There was an error opening the Windows Firewall with Advanced Security snap in You do not have the correct permissions to open the Windows Firewall with Advanced Security console, You must be a member of the Administrators group or the Network Operators group to perform this task. For more information, contact your system administrator. Error code: 0x5. Ive tried processmonitor to identify what permission is being denied but no luck. If I run netsh directly I get access denied as well. This is running windows server 2008 SP2. And yes I was running as an administrator. Any ideas?

Read the article
Work firewall blocking Gmail IMAP port

- by Sean

My work has a very over protective firewall. We use Google Apps for our email and so can access the web interface just fine. I use my laptop at work however (MacBook connected via WiFi through my AirPort Express), and prefer to use Sparrow to check my email. The problem is that our firewall blocks whatever port Gmail's IMAP server uses. I'm trying to figure out the easiest way to work around this. I'm guessing I'll need to use an SSH tunnel or VPN, but I'm looking for specific instructions. I'd prefer to only route the IMAP stuff around the firewall as opposed to using a VPN full time. I have two computers at home (one PC, one Mac Mini) that are always on and could probably act as a server if needed.

Read the article
Firewall blocks FTP PASV response

- by harper

0 down vote favorite I have an FTP server that supports passive server mode (using PASV command). This works fine with Windows XP. When I want to access this server from Windows Vista or Windows 7 with firewall enabled I experience a immediate connection shutdown. A reset packet is sent to the server, the socket is signaled that the server had reset the connection (what is not true). The problem disappears when the firewall is disabled. Connections to other FTP servers work correctly. The difference is that the servers response to PASV does not enclose the address field with parentheses. This is legal as documented in RFC-959 and RFC-1132. How can I configure the firewall to stop this bad behavior?

Read the article
Tracking changes to firewall configs?

- by jmreicha

Myself and one other indivdual will be taking over some of the daily firewall management duties soon and I'm looking for a way to track changes on our firewall configurations for auditing purposes and need some ideas on a good way to track changes the changes that are made. I don't have a lot of specific criteria but here are some of the basic things I would like to be able to do: Access to previous revisions of firewall configs Access to changes made and by whom When specific changes were made I'm wondering if some sort of revision control software would work here as a way to track the the changes? Or if some other approach would work better for managing the change control in this situation. I'm open to any and all suggestions at this point. EDIT: We are using a Checkpoint pair, one passive one active configuration. I will update again with specific model numbers when I get a chance.

Read the article
Disable "Windows Firewall with Advanced Security" for all profiles(Domain,Public,Standard) in local GP using script help! Windows 7 Clients

- by JoBo

We need Windows7 with windows firewall to be turned off , so the GOLD image has windows firewall turned off for all profiles(Domain,Public,Standard) and Windows Service disabled No the same GOLD image deployed with MDT (Apply local GPO) has enabled Windows Firewall under "Windows Firewall with Advanced Security" as part of task sequence Now we need to remove it. "These machines are now on Domain where in we have no rights/control on the domain level GPO", we have local admi rights on these machines We have a requirement do set the "Windows Firewall with Advanced Security" to "NOT Configured" or "OFF "on these machines In gpedit.msc if we manually go to "Windows Firewall with Advanced Security" after enabling Windows Firewall Services then can Clear the settings Do do the same manually on all machines is extra effort Changing values in registry will get reverted on machine restart as its getting applied from local GPO Also using GPMC can connect to remote computer and can manually or using wfw file we can make it not configured but we are looking for a script or a less effort method to accomplish this Please suggest NB: CIA has already reported similar issue//How do I turn off Windows 7 Firewall via script or through automation?// , but doing netsh advfirewall set allprofiles state off on already deployed machines did not make change (FW service on all machine is disabled in GOLd image)// Thanks and Regards Jose

Read the article
Firewall issue with multiple SIP PROXY / REGISTRAR servers

- by MikeBrom

Hi We have a pair of Internet-facing SIP PROXY/REGISTRAR servers (for resilienced and load-balancing). When a SIP phone registers, it will be handled by one of the REGISTRAR servers (round-robin DNS) - and since this registration is renewed, the firewall port/address translation is maintained. Therefore, when a call is to be sent back to the phone the INVITE message passes successfully through the firewall. However, it is likely that the phone may register with one of the two servers, but the INVITE may come from the other. In this situation, the call fails since there is no translation in place on the firewall. Is there a feature in the SIP protocol to facilitate this? Any other ideas? As our traffic grows, we will no doubt end-up with more than two servers - so the problem will escalate. Thanks, Mike

Read the article
Reviewing firewall rules

- by chmeee

I need to review firewall rules of a CheckPoint firewall for a customer (with 200+ rules). I have used FWDoc in the past to extract the rules and convert them to other formats but there was some errors with exclusions. I then analyze them manually to produce an improved version of the rules (usually in OOo Calc) with comments. I know there are several visualization techniques but they all go down to analyzing the traffic and I want static analysis. So I was wondering, what process do you follow to analyze firewall rules? What tools do you use (not only for Checkpoint)?

Read the article
Howto configure openSuSE firewall to route local traffic to local ports

- by Eduard Wirch

I have openSUSE 11.3 installed. I'm using the openSUSE firewall configuration mechanism (/etc/sysconfig/SuSEfirewall2). I have a http server application running on port 8080. I want the http service to be accessible using port 80. I created a redirect rule usign: FW_REDIRECT="0/0,0/0,tcp,80,8080" This works fine for every request coming from external. But it doesn't for local requests. (example: wget http://myserver/) Is there a way how I can tell the firewall to redirect local requests addressed for 80 to port 8080? (using the SUSE firewall configuration file)

Read the article
Fortigate 200A firewall CPU high resource usage

- by user119720

This morning I'm receiving complaints from several end users that saying their whole department network are slow and have intermittent. Therefore I've checked our firewall to see whether if something goes wrong with the device.From my observation in the FortiGate dashboard status, the CPU resources is very high (99 percent). My first assumption is to clear the log since in the alert log the Fortigate log mention that it is already 90% full.Based on my understanding,the log can be cleared by restarting the firewall. After restarting the firewall the network seems okay again but then after several minutes it went up again.The condition still persist until now. Can someone show me where else I can check to fix this issue? I've really appreciate any help that I can get here.Thanks. Edit: diag sys top command

Read the article
Howto configure openSuSE firewall to route local traffic to local ports

- by Eduard Wirch

I have openSUSE 11.3 installed. I'm using the openSUSE firewall configuration mechanism (/etc/sysconfig/SuSEfirewall2). I have a http server application running on port 8080. I want the http service to be accessible using port 80. I created a redirect rule usign: FW_REDIRECT="0/0,0/0,tcp,80,8080" This works fine for every request coming from external. But it doesn't for local requests. (example: wget http://myserver/) Is there a way how I can tell the firewall to redirect local requests addressed for 80 to port 8080? (using the SUSE firewall configuration file)

Read the article
Windows Firewall failing after 9-12 hours?

- by routeNpingme

I have 2 VM servers in the exact same NIC configuration: Server 2003 R2, one NIC connected to private (hardware firewall) network in a 10.x private address space, and one NIC connected straight to public internet. Windows Firewall is enabled for the Public Internet NIC only. Now, what doesn't make sense - this fails generally after 9-12 hours. It's not exact, but once or twice a day, traffic will just stop on the Internet NIC. No event log entries when it happens, and restarting the Windows Firewall service as well as stopping or restarting IPSec Services (just for fun) has no effect. Once the server is rebooted, everything is fine again for another 1/2 day. Any suggestions?

Read the article
Windows vista firewall exceptions unchangeable

- by user61099

Hey, I want to allow a program (iTunes) through my windows firewall, so i check it in the program or port list under the exceptions tab (in my windows firewall settings), then i click OK. When i reopen the window the box is unchecked again. Which means i can never get the program through my windows firewall. I think this is a problem due to administrators rights. Because I also can not delete the program from the list. I can however delete other programs from the list. Anybody have any ideas, tips, remarks?

Read the article
What's the situation that requires stateful firewall?

- by Eonil

I just know there is two kind of firewalls. Stateless and stateful. It's hard to determine what kind of firewall I have to use. Currently I have to run firewall within same machine runs services, Basically I want stateless because of its less resource consumption. However if it is not sufficient for security, it's meaningless. I'll run HTTP, SSH, NFS (only over SSH), and some custom made server on several TCP/UDP ports. Should I use stateful firewall? (edit) Maybe the question can be assumed as 'Should I use stateful rules?'.

Read the article
When the Windows Firewall Service is disabled I cannot remote desktop (RDP) to the machine

- by Matt

When the Windows Firewall Service is disabled I cannot remote desktop (RDP) to the machine. Has anyone seen this? This is on Win7 64 Enterprise on a domain. Is it some sort of domain policy perhaps? EDIT: Yes, when the firewall service is enabled, RDP works like a charm. I can also ping the system when the firewall service is on, but not when it is off. I am starting to suspect some sort of corporate imposed security policy, but GPedit hasn't really showed anything of significance.

Read the article
Taking stock of an existing ASA Firewall

- by Nate

Imagine you are given an existing network using an ASA firewall. The network works, but you aren't sure of anything else. The firewall may be completely improperly configured, with "outside" actually being inside and "inside" actually being outside, for all you know. My question is this: what are the commands to take stock of an existing ASA firewall setup? With only CLI access, how do I figure out: What interfaces are available The names of the interfaces The security levels attached to the interfaces The access-lists attached to the interfaces, including rules and directions I know how to set these things (interface, nameif, security-level, and access-list/access-group), but I don't know how to figure them out given an existing system. On a related note, is there anything else that I should worry about checking to make sure that the network isn't wide open? Thanks!

Read the article
Mac firewall blocking nginx (port 80) from external side

- by Alex Ionescu

I installed nginx using ports and started it with sudo. Accessing the nginx welcome page from localhost works perfectly, however accessing it from an external computer fails. Doing an nmap on the computer from the outside reveals 80/tcp filtered http So clearly the mac firewall is blocking the port. I then proceed to add the nginx executable to the firewall exception list as seen in this image, however the nmap still shows up as port 80 being filtered and I'm unable to access the webpage. The exact binary that is in the list is /opt/local/sbin/nginx which to my knowledge seems correct Any ideas what I should do? Thanks! P.S. Turning the firewall off does allow me to access the website from the outside world, however that isn't an ideal solution.

Read the article
Sunbelt Firewall 4.5 won't block Firefox

- by Jason

I blocked Firefox with Sunbelt Personal Firewall v.4.5 (formerly Kerio Firewall), by placing red X's on the four in/out points in the configutation. I noticed that the posted text messages on the Nascar Live Racecast on EPSN are still updating. I then blocked svchost.exe (out-Trusted), the only other thing enabled that's relevant, and the messages are still updating. (The only other thing allowed is completely unrelated, it's an independant application doing something else, and I don't want to kill that right now, or do a 'disable all traffic' in Sunbelt until it's done.) Anybody heard of Sunbelt Firewall having such a huge, obvious hole? Is there something else that needs set?

Read the article

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12 | Next Page >