Blocking Outbound Traffic Only

Archived from groups: comp.security.firewalls (More info?)

I have a netgear router that has stateful packet inspection and would
like a software firewall to block outbound traffic only since the
router is only capable of blocking inbound. Is there a firewall that
has the option to only monitor outbound traffic?
4 answers Last reply
More about blocking outbound traffic only
  1. Archived from groups: comp.security.firewalls (More info?)

    idealdu@yahoo.com (Reactor) wrote in news:ac9d6eb9.0407231940.59b6aa03
    @posting.google.com:

    > I have a netgear router that has stateful packet inspection and would
    > like a software firewall to block outbound traffic only since the
    > router is only capable of blocking inbound. Is there a firewall that
    > has the option to only monitor outbound traffic?
    >

    Well that depends on what O/S you're using. For me back when I was using
    the Linksys router and BlackIce which neither one can stop outbound by
    setting rules, I used IPsec that's on the O/S.

    IPsec can stop inbound and outbound by port, protocol and IP.

    http://www.petri.co.il/block_ping_traffic_with_ipsec.htm
    http://www.analogx.com/contents/articles/ipsec.htm

    The use of the AnalogX Secpol file makes IPsec simple to use based on the
    rules that have been created.

    IPsec is active on the machines protecting the LAN.

    Duane :)

    Duane :)
  2. Archived from groups: comp.security.firewalls (More info?)

    [This followup was posted to comp.security.firewalls and a copy was sent
    to the cited author.]

    In article <ac9d6eb9.0407231940.59b6aa03@posting.google.com>,
    idealdu@yahoo.com says...
    > I have a netgear router that has stateful packet inspection and would
    > like a software firewall to block outbound traffic only since the
    > router is only capable of blocking inbound. Is there a firewall that
    > has the option to only monitor outbound traffic?

    You could set up a firewall rule to simply allow all incoming, but only
    check outgoing.

    As it is, I would still let the software fireall check incoming. Unless
    you have speed problems (which shouldn't be an issue unless you have a
    VERY fast connection AND a VERY slow computer), it gives an extra line of
    defense in case the router is hacked, somehow gets misconfigured, or
    anything causes something to leak through.

    --
    If there is a no_junk in my address, please REMOVE it before replying!
    All junk mail senders will be prosecuted to the fullest extent of the
    law!!
    http://home.att.net/~andyross
  3. Archived from groups: comp.security.firewalls (More info?)

    idealdu@yahoo.com (Reactor) wrote in news:ac9d6eb9.0407231940.59b6aa03
    @posting.google.com:

    > I have a netgear router that has stateful packet inspection and would
    > like a software firewall to block outbound traffic only since the
    > router is only capable of blocking inbound. Is there a firewall that
    > has the option to only monitor outbound traffic?

    It sounds like you want an early version of Zone Alarm. Originally, they
    only offered outbound protection, and they worked fine for that. I still
    have ZA 1.7 on a CD, but last time I tried it, it would not work (maybe to
    the point of having to restore a drive image) - I don't recall if that was
    with Win98SE, WinME, or WinXP.

    --
    Tom McCune
    My PGP Page & FAQ: http://www.McCune.cc/PGP.htm
  4. Archived from groups: comp.security.firewalls (More info?)

    In article <ac9d6eb9.0407231940.59b6aa03@posting.google.com>, idealdu@yahoo.com says...
    > I have a netgear router that has stateful packet inspection and would
    > like a software firewall to block outbound traffic only since the
    > router is only capable of blocking inbound. Is there a firewall that
    > has the option to only monitor outbound traffic?
    >
    Any software firewall "worth its salt" could be set up to
    accomplish this. With Sygate for example, Advanced Rules could
    be set to Allow all TCP, UDP,and ICMP incoming connections.
    Application Rules could be set to control outgoing application
    connections. This of course would negate Sygate SPI.
    Casey
Ask a new question

Read More

Firewalls Routers Networking