Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
General Security Discussions
Boundary Protection
Message
<blockquote data-quote="lunarlander" data-source="post: 811889" data-attributes="member: 66581"><p>I use IPFire, the linux distro firewall with IDS ( IPS if you install the optional Guardian module ) . But lately I am using my Dlink modified to DD-WRT firmware. The logging doesn't work, (firmware is in beta) and there are no firewall rules feature. But I figure the firewall rules are just for show, because everyone has to allow port 80 and 443 outbound, and malware writers and hackers know that too. So they code their exploit to use those ports to reach their C&C. And the IPS can be used against you, by sending a spoofed attack with Google's address, so that you are blocked from using Google for x minutes. DD-WRT also has AP Isolation, which stops one connection from messing with another, very nice if you potentially have a pwned PC in your network. Also, you can create as many virtual Wi-Fi networks (with their own SSID) as you please. And I have hackers who gave up attacking this router, but they succeeded in taking over the original DLink. Yes, routers can be hacked.</p><p></p><p>The real perimeter is at the end point, where the firewall knows the apps. You harden Windows to narrow down what is allowed to talk to the net. And then you have strict default deny firewall rules. And you block the stupid default apps that MS allows inbound traffic to. Then you have Windows Defender Exploit Protection with per application protection settings. A lot of work - it is at <a href="https://hardenwindows10forsecurity.com" target="_blank">Harden Windows 10 for Security. How to secure Windows 10.</a></p></blockquote><p></p>
[QUOTE="lunarlander, post: 811889, member: 66581"] I use IPFire, the linux distro firewall with IDS ( IPS if you install the optional Guardian module ) . But lately I am using my Dlink modified to DD-WRT firmware. The logging doesn't work, (firmware is in beta) and there are no firewall rules feature. But I figure the firewall rules are just for show, because everyone has to allow port 80 and 443 outbound, and malware writers and hackers know that too. So they code their exploit to use those ports to reach their C&C. And the IPS can be used against you, by sending a spoofed attack with Google's address, so that you are blocked from using Google for x minutes. DD-WRT also has AP Isolation, which stops one connection from messing with another, very nice if you potentially have a pwned PC in your network. Also, you can create as many virtual Wi-Fi networks (with their own SSID) as you please. And I have hackers who gave up attacking this router, but they succeeded in taking over the original DLink. Yes, routers can be hacked. The real perimeter is at the end point, where the firewall knows the apps. You harden Windows to narrow down what is allowed to talk to the net. And then you have strict default deny firewall rules. And you block the stupid default apps that MS allows inbound traffic to. Then you have Windows Defender Exploit Protection with per application protection settings. A lot of work - it is at [URL='https://hardenwindows10forsecurity.com']Harden Windows 10 for Security. How to secure Windows 10.[/URL] [/QUOTE]
Insert quotes…
Verification
Post reply
Top
