Question Kaspersky Premium Network Rules and/or Additional Firewall?

Please provide comments and solutions that are helpful to the author of this topic.

always_forever

Level 1
Thread author
Jul 1, 2021
47
For those running Premium and using that firewall, what network rules do you set beyond the default "out-of-the-box" ones?

I've read that it's best to:
Block port 137 i/o UDP
Block port 139 i/o TCP
Block port 5355 i/o UDP
Block ports 137, 138 outbound UDP
Block port 445 outbound TCP

Are there others you might add? Are these even advisable rules to set?

Also, either way, do you use another OS-level firewall such as Comodo or Simplewall? I read that one or both of these come with suggested network rules which include the above and more. Not sure if I should use one of these instead or just continue to refine the Premium firewall.

Lastly, what's the difference between block inbound/outbound and block packets? Shouldn't blocking inbound and/or outbound also block packets? Seems redundant but I'm sure I'm missing some understanding.

Any thoughts are appreciated!
 

harlan4096

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Apr 28, 2015
8,692
hum... I guess blocking some of those ports may lead to network issues:


Port 137 also for NETBIOS...

Find info about those ports in Google...
 

always_forever

Level 1
Thread author
Jul 1, 2021
47
hum... I guess blocking some of those ports may lead to network issues:


Port 137 also for NETBIOS...

Find info about those ports in Google...
Thanks for the reply and the useful link! I was going to disable those NETBIOS anyway and put the computers on the network on their own VLAN once I got a new router. I already disabled SMB as I don't need file/printer sharing on the network.

With that being the case, it is alright to block them?

Do you advise using a different firewall or just blocking certain ports/protocols? I did read that Comodo and Simplewall have network rules in place already that are more comprehensive?

Also still unsure what the difference is in Kaspersky's firewall between block (inbound/outbound) and block packet.

Any further thoughts appreciated!
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top