Firewall and bridge.sys

Archived from groups: comp.security.firewalls (More info?)

My firewall (Sygate) notice me that MAC Bridge Driver (bridge.sys) is tring
to connect to internet.
I have to allow it or block it?
Thanks for answering.

--

Solo perchè non mi professo detentore di chissà quale verità
Ma non per questo sono vuoto o privo di morale
Ho principi molto saldi, non prego per dolore
E' molto comodo invocarlo solo quando ci fa soffrire...

[Bluvertigo]

ICQ UIN #26617524 - Rimuovere NOSPAM dall'indirizzo E-Mail
11 answers Last reply
More about firewall bridge
  1. Archived from groups: comp.security.firewalls (More info?)

    mrjx <mrjx@-toglierenospam-inwind.it> wrote:
    > My firewall (Sygate) notice me that MAC Bridge Driver (bridge.sys) is tring
    > to connect to internet.
    > I have to allow it or block it?

    Better forget Sygate and use the Windows-Firewall.

    Yours,
    VB.
    --
    "Es kann nicht sein, dass die Frustrierten in Rom bestimmen, was in
    deutschen Schlafzimmern passiert".
    Harald Schmidt zum "Weltjugendtag"
  2. Archived from groups: comp.security.firewalls (More info?)

    In article <431eda41@news.uni-ulm.de>, bumens@dingens.org says...
    > mrjx <mrjx@-toglierenospam-inwind.it> wrote:
    > > My firewall (Sygate) notice me that MAC Bridge Driver (bridge.sys) is tring
    > > to connect to internet.
    > > I have to allow it or block it?
    >
    > Better forget Sygate and use the Windows-Firewall.

    VB - read up on the firewalls before suggesting that people drop one for
    the Windows Firewall. While the Windows Firewall is the absolute MINIMUM
    in protection, there are better products (and just about anything on the
    market is better) than it.

    --

    spam999free@rrohio.com
    remove 999 in order to email me
  3. Archived from groups: comp.security.firewalls (More info?)

    On 7 Sep 2005 14:17:05 +0200, Volker Birk wrote in message
    <431eda41@news.uni-ulm.de>:

    >mrjx <mrjx@-toglierenospam-inwind.it> wrote:
    >> My firewall (Sygate) notice me that MAC Bridge Driver (bridge.sys) is tring
    >> to connect to internet.
    >> I have to allow it or block it?
    >
    >Better forget Sygate and use the Windows-Firewall.

    That wasn't his question.

    Isn't it a good rule of the thumb to block everything you don't use?
    That includes most system files.
  4. Archived from groups: comp.security.firewalls (More info?)

    Iceman <ismand_57@hotmail.com> wrote:
    > On 7 Sep 2005 14:17:05 +0200, Volker Birk wrote in message
    > <431eda41@news.uni-ulm.de>:

    > >mrjx <mrjx@-toglierenospam-inwind.it> wrote:
    > >> My firewall (Sygate) notice me that MAC Bridge Driver (bridge.sys) is tring
    > >> to connect to internet.
    > >> I have to allow it or block it?
    > >Better forget Sygate and use the Windows-Firewall.
    > That wasn't his question.

    Yes. But it's the answer to his question.

    > Isn't it a good rule of the thumb to block everything you don't use?

    No. It's a result of the lack of knowledge.

    Yours,
    VB.
    --
    "Es kann nicht sein, dass die Frustrierten in Rom bestimmen, was in
    deutschen Schlafzimmern passiert".
    Harald Schmidt zum "Weltjugendtag"
  5. Archived from groups: comp.security.firewalls (More info?)

    In article <431f6b5c@news.uni-ulm.de>, bumens@dingens.org says...
    > Iceman <ismand_57@hotmail.com> wrote:
    > > On 7 Sep 2005 14:17:05 +0200, Volker Birk wrote in message
    > > <431eda41@news.uni-ulm.de>:
    >
    > > >mrjx <mrjx@-toglierenospam-inwind.it> wrote:
    > > >> My firewall (Sygate) notice me that MAC Bridge Driver (bridge.sys) is tring
    > > >> to connect to internet.
    > > >> I have to allow it or block it?
    > > >Better forget Sygate and use the Windows-Firewall.
    > > That wasn't his question.
    >
    > Yes. But it's the answer to his question.
    >
    > > Isn't it a good rule of the thumb to block everything you don't use?
    >
    > No. It's a result of the lack of knowledge.

    VB, that violates security norms - if you don't need something, block
    it, in fact block it with fully.

    Only allow access to the internet for things that need internet and then
    only to the connections/services they need.

    --

    spam999free@rrohio.com
    remove 999 in order to email me
  6. Archived from groups: comp.security.firewalls (More info?)

    >
    > > Isn't it a good rule of the thumb to block everything you don't use?
    >
    > No. It's a result of the lack of knowledge.
    >
    > Yours,
    > VB.
    >
    That is nonsense. I block everything I do not use. That includes
    remote/local ports on tcp/usp/icmp, in/out, unused services, and
    block application access to remote ports they do not require.
    When I installed Sygate, I knew nothing about firewalls. It took
    me 3-yrs to learn about these computer/internet features so I
    could set up a firewall properly and completely.
    Casey
  7. Archived from groups: comp.security.firewalls (More info?)

    In article <MPG.1d8a2ccbc96e4ae59896bc@news.east.earthlink.net>,
    Casey Klc <casey@notspecified.net> wrote:

    :> > Isn't it a good rule of the thumb to block everything you don't use?

    :> No. It's a result of the lack of knowledge.

    :That is nonsense. I block everything I do not use.

    As do we. The regulations we operate under mandate it: that in
    any situation in which we have a firewall at all, we are required
    to actively manage outbound traffic as well as inbound, and may
    only permit the outbound traffic that we have determined to be -necessary-
    for the network operations approved under our security policies.
    --
    Any sufficiently old bug becomes a feature.
  8. Archived from groups: comp.security.firewalls (More info?)

    Casey Klc <casey@notspecified.net> wrote:
    > > > Isn't it a good rule of the thumb to block everything you don't use?
    > > No. It's a result of the lack of knowledge.
    > That is nonsense. I block everything I do not use.

    If you're "blocking" sockets on 127.0.0.1 or sockets, which your filtering
    application uses, this is just a result of the lack of knowledge.

    > When I installed Sygate, I knew nothing about firewalls. It took
    > me 3-yrs to learn about these computer/internet features so I
    > could set up a firewall properly and completely.

    If you're using Sygate any more, you are just knowing not much about
    firewalls yet.

    Yours,
    VB.
    --
    "Es kann nicht sein, dass die Frustrierten in Rom bestimmen, was in
    deutschen Schlafzimmern passiert".
    Harald Schmidt zum "Weltjugendtag"
  9. Archived from groups: comp.security.firewalls (More info?)

    That is nonsense. I block everything I do not use.
    >
    > If you're "blocking" sockets on 127.0.0.1 or sockets, which your filtering
    > application uses, this is just a result of the lack of knowledge.
    >
    Sygate doesn't have the ability to block local host 127.0.0.1
  10. Archived from groups: comp.security.firewalls (More info?)

    Walter Roberson <roberson@ibd.nrc-cnrc.gc.ca> wrote:
    > In article <MPG.1d8a2ccbc96e4ae59896bc@news.east.earthlink.net>,
    > Casey Klc <casey@notspecified.net> wrote:
    > :> > Isn't it a good rule of the thumb to block everything you don't use?
    > :> No. It's a result of the lack of knowledge.
    > :That is nonsense. I block everything I do not use.
    > As do we.

    I don't think, that you're blocking everything you don't know, but I
    think, that you know what is running on your boxes, and are blocking
    anything what you don't want to have.

    Am I right?

    So why driving an ALG on Windows and then blocking it? Why not just
    shutting down?

    Yours,
    VB.
    --
    "Es kann nicht sein, dass die Frustrierten in Rom bestimmen, was in
    deutschen Schlafzimmern passiert".
    Harald Schmidt zum "Weltjugendtag"
  11. Archived from groups: comp.security.firewalls (More info?)

    In article <43208233@news.uni-ulm.de>, bumens@dingens.org says...
    > I don't think, that you're blocking everything you don't know, but I
    > think, that you know what is running on your boxes, and are blocking
    > anything what you don't want to have.

    If you block ALL OUTBOUND and INBOUND by default, then only open
    OUTBOUND for the need ports and then only for the internal IP's that
    need those ports, then you are doing it right.

    If you only allow inbound to specific nodes depending on need an
    port/service type, then you are doing it right.


    --

    spam999free@rrohio.com
    remove 999 in order to email me
Ask a new question

Read More

Firewalls Security Networking