Advice Request Boundary Protection

Please provide comments and solutions that are helpful to the author of this topic.

LDogg

Level 33
Verified
Top Poster
Well-known
May 4, 2018
2,261
Standard DNS (due to connecting to free wifi points in my home town to login)
VPN: Windscribe
Firewall: Windows Firewall w/ Malwarebytes Windows Firewall Control.

~LDogg
 
  • Like
Reactions: mellowtones242

lunarlander

Level 1
Verified
Oct 8, 2017
30
I use IPFire, the linux distro firewall with IDS ( IPS if you install the optional Guardian module ) . But lately I am using my Dlink modified to DD-WRT firmware. The logging doesn't work, (firmware is in beta) and there are no firewall rules feature. But I figure the firewall rules are just for show, because everyone has to allow port 80 and 443 outbound, and malware writers and hackers know that too. So they code their exploit to use those ports to reach their C&C. And the IPS can be used against you, by sending a spoofed attack with Google's address, so that you are blocked from using Google for x minutes. DD-WRT also has AP Isolation, which stops one connection from messing with another, very nice if you potentially have a pwned PC in your network. Also, you can create as many virtual Wi-Fi networks (with their own SSID) as you please. And I have hackers who gave up attacking this router, but they succeeded in taking over the original DLink. Yes, routers can be hacked.

The real perimeter is at the end point, where the firewall knows the apps. You harden Windows to narrow down what is allowed to talk to the net. And then you have strict default deny firewall rules. And you block the stupid default apps that MS allows inbound traffic to. Then you have Windows Defender Exploit Protection with per application protection settings. A lot of work - it is at Harden Windows 10 for Security. How to secure Windows 10.
 
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top