Question Kaspersky Premium Network Rules and/or Additional Firewall?

Please provide comments and solutions that are helpful to the author of this topic.

A

always_forever

Level 1
Thread author
Jul 1, 2021
47
For those running Premium and using that firewall, what network rules do you set beyond the default "out-of-the-box" ones?

I've read that it's best to:
Block port 137 i/o UDP
Block port 139 i/o TCP
Block port 5355 i/o UDP
Block ports 137, 138 outbound UDP
Block port 445 outbound TCP

Are there others you might add? Are these even advisable rules to set?

Also, either way, do you use another OS-level firewall such as Comodo or Simplewall? I read that one or both of these come with suggested network rules which include the above and more. Not sure if I should use one of these instead or just continue to refine the Premium firewall.

Lastly, what's the difference between block inbound/outbound and block packets? Shouldn't blocking inbound and/or outbound also block packets? Seems redundant but I'm sure I'm missing some understanding.

Any thoughts are appreciated!
 
  • Like
Reactions: cryogent and SumTingWong
harlan4096

harlan4096

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,671
hum... I guess blocking some of those ports may lead to network issues:

www.varonis.com

What is an SMB Port + Ports 445 and 139 Explained

An SMB port is a network port commonly used for file sharing. IBM programmer Barry Feigenbaum developed the Server Message Blocks (SMB) protocol in the 1980s for IBM DOS. SMB continues to be the de facto standard network file sharing protocol in use today.
www.varonis.com www.varonis.com

Port 137 also for NETBIOS...

Find info about those ports in Google...
 
  • Like
Reactions: vtqhtr413, Jonny Quest, silversurfer and 2 others
A

always_forever

Level 1
Thread author
Jul 1, 2021
47
harlan4096 said:
hum... I guess blocking some of those ports may lead to network issues:

www.varonis.com

What is an SMB Port + Ports 445 and 139 Explained

An SMB port is a network port commonly used for file sharing. IBM programmer Barry Feigenbaum developed the Server Message Blocks (SMB) protocol in the 1980s for IBM DOS. SMB continues to be the de facto standard network file sharing protocol in use today.
www.varonis.com www.varonis.com

Port 137 also for NETBIOS...

Find info about those ports in Google...
Click to expand...
Thanks for the reply and the useful link! I was going to disable those NETBIOS anyway and put the computers on the network on their own VLAN once I got a new router. I already disabled SMB as I don't need file/printer sharing on the network.

With that being the case, it is alright to block them?

Do you advise using a different firewall or just blocking certain ports/protocols? I did read that Comodo and Simplewall have network rules in place already that are more comprehensive?

Also still unsure what the difference is in Kaspersky's firewall between block (inbound/outbound) and block packet.

Any further thoughts appreciated!
 

Similar threads

Azazel
    • Like
Serious Discussion What is your firewall security setup?
Replies
23
Views
1,520
General Security Discussions
ng4ever
N
Victor M
    • Like
    • +Reputation
    • Applause
  • Suggestion
Setup Idea Stop Intrusions - Firewall Rules
Replies
12
Views
1,367
PC Setup Ideas
Jonny Quest
Jonny Quest
Victor M
    • +Reputation
    • Like
    • Hundred Points
  • Suggestion
Setup Idea Default Deny Windows Firewall setup How To
Replies
7
Views
2,533
PC Setup Ideas
Victor M
Victor M

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top