Firewall and bridge.sys

[Guest]

Archived from groups: comp.security.firewalls (More info?)

My firewall (Sygate) notice me that MAC Bridge Driver (bridge.sys) is tring
to connect to internet.
I have to allow it or block it?
Thanks for answering.

--

Solo perchè non mi professo detentore di chissà quale verità
Ma non per questo sono vuoto o privo di morale
Ho principi molto saldi, non prego per dolore
E' molto comodo invocarlo solo quando ci fa soffrire...

[Bluvertigo]

ICQ UIN #26617524 - Rimuovere NOSPAM dall'indirizzo E-Mail

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

mrjx <mrjx@-toglierenospam-inwind.it> wrote:
> My firewall (Sygate) notice me that MAC Bridge Driver (bridge.sys) is tring
> to connect to internet.
> I have to allow it or block it?

Better forget Sygate and use the Windows-Firewall.

Yours,
VB.
--
"Es kann nicht sein, dass die Frustrierten in Rom bestimmen, was in
deutschen Schlafzimmern passiert".
Harald Schmidt zum "Weltjugendtag"

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

In article <431eda41@news.uni-ulm.de>, bumens@dingens.org says...
> mrjx <mrjx@-toglierenospam-inwind.it> wrote:
> > My firewall (Sygate) notice me that MAC Bridge Driver (bridge.sys) is tring
> > to connect to internet.
> > I have to allow it or block it?
>
> Better forget Sygate and use the Windows-Firewall.

VB - read up on the firewalls before suggesting that people drop one for
the Windows Firewall. While the Windows Firewall is the absolute MINIMUM
in protection, there are better products (and just about anything on the
market is better) than it.

--

spam999free@rrohio.com
remove 999 in order to email me

 

[Iceman]

Archived from groups: comp.security.firewalls (More info?)

On 7 Sep 2005 14:17:05 +0200, Volker Birk wrote in message
<431eda41@news.uni-ulm.de>:

>mrjx <mrjx@-toglierenospam-inwind.it> wrote:
>> My firewall (Sygate) notice me that MAC Bridge Driver (bridge.sys) is tring
>> to connect to internet.
>> I have to allow it or block it?
>
>Better forget Sygate and use the Windows-Firewall.

That wasn't his question.

Isn't it a good rule of the thumb to block everything you don't use?
That includes most system files.

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

Iceman <ismand_57@hotmail.com> wrote:
> On 7 Sep 2005 14:17:05 +0200, Volker Birk wrote in message
> <431eda41@news.uni-ulm.de>:

> >mrjx <mrjx@-toglierenospam-inwind.it> wrote:
> >> My firewall (Sygate) notice me that MAC Bridge Driver (bridge.sys) is tring
> >> to connect to internet.
> >> I have to allow it or block it?
> >Better forget Sygate and use the Windows-Firewall.
> That wasn't his question.

Yes. But it's the answer to his question.

> Isn't it a good rule of the thumb to block everything you don't use?

No. It's a result of the lack of knowledge.

Yours,
VB.
--
"Es kann nicht sein, dass die Frustrierten in Rom bestimmen, was in
deutschen Schlafzimmern passiert".
Harald Schmidt zum "Weltjugendtag"

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

In article <431f6b5c@news.uni-ulm.de>, bumens@dingens.org says...
> Iceman <ismand_57@hotmail.com> wrote:
> > On 7 Sep 2005 14:17:05 +0200, Volker Birk wrote in message
> > <431eda41@news.uni-ulm.de>:
>
> > >mrjx <mrjx@-toglierenospam-inwind.it> wrote:
> > >> My firewall (Sygate) notice me that MAC Bridge Driver (bridge.sys) is tring
> > >> to connect to internet.
> > >> I have to allow it or block it?
> > >Better forget Sygate and use the Windows-Firewall.
> > That wasn't his question.
>
> Yes. But it's the answer to his question.
>
> > Isn't it a good rule of the thumb to block everything you don't use?
>
> No. It's a result of the lack of knowledge.

VB, that violates security norms - if you don't need something, block
it, in fact block it with fully.

Only allow access to the internet for things that need internet and then
only to the connections/services they need.

--

spam999free@rrohio.com
remove 999 in order to email me

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

>
> > Isn't it a good rule of the thumb to block everything you don't use?
>
> No. It's a result of the lack of knowledge.
>
> Yours,
> VB.
>
That is nonsense. I block everything I do not use. That includes
remote/local ports on tcp/usp/icmp, in/out, unused services, and
block application access to remote ports they do not require.
When I installed Sygate, I knew nothing about firewalls. It took
me 3-yrs to learn about these computer/internet features so I
could set up a firewall properly and completely.
Casey

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

In article <MPG.1d8a2ccbc96e4ae59896bc@news.east.earthlink.net>,
Casey Klc <casey@notspecified.net> wrote:

:> > Isn't it a good rule of the thumb to block everything you don't use?

:> No. It's a result of the lack of knowledge.

:That is nonsense. I block everything I do not use.

As do we. The regulations we operate under mandate it: that in
any situation in which we have a firewall at all, we are required
to actively manage outbound traffic as well as inbound, and may
only permit the outbound traffic that we have determined to be -necessary-
for the network operations approved under our security policies.
--
Any sufficiently old bug becomes a feature.

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

Casey Klc <casey@notspecified.net> wrote:
> > > Isn't it a good rule of the thumb to block everything you don't use?
> > No. It's a result of the lack of knowledge.
> That is nonsense. I block everything I do not use.

If you're "blocking" sockets on 127.0.0.1 or sockets, which your filtering
application uses, this is just a result of the lack of knowledge.

> When I installed Sygate, I knew nothing about firewalls. It took
> me 3-yrs to learn about these computer/internet features so I
> could set up a firewall properly and completely.

If you're using Sygate any more, you are just knowing not much about
firewalls yet.

Yours,
VB.
--
"Es kann nicht sein, dass die Frustrierten in Rom bestimmen, was in
deutschen Schlafzimmern passiert".
Harald Schmidt zum "Weltjugendtag"

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

That is nonsense. I block everything I do not use.
>
> If you're "blocking" sockets on 127.0.0.1 or sockets, which your filtering
> application uses, this is just a result of the lack of knowledge.
>
Sygate doesn't have the ability to block local host 127.0.0.1

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

Walter Roberson <roberson@ibd.nrc-cnrc.gc.ca> wrote:
> In article <MPG.1d8a2ccbc96e4ae59896bc@news.east.earthlink.net>,
> Casey Klc <casey@notspecified.net> wrote:
> :> > Isn't it a good rule of the thumb to block everything you don't use?
> :> No. It's a result of the lack of knowledge.
> :That is nonsense. I block everything I do not use.
> As do we.

I don't think, that you're blocking everything you don't know, but I
think, that you know what is running on your boxes, and are blocking
anything what you don't want to have.

Am I right?

So why driving an ALG on Windows and then blocking it? Why not just
shutting down?

Yours,
VB.
--
"Es kann nicht sein, dass die Frustrierten in Rom bestimmen, was in
deutschen Schlafzimmern passiert".
Harald Schmidt zum "Weltjugendtag"

 

[Guest]

Archived from groups: comp.security.firewalls (More info?)

In article <43208233@news.uni-ulm.de>, bumens@dingens.org says...
> I don't think, that you're blocking everything you don't know, but I
> think, that you know what is running on your boxes, and are blocking
> anything what you don't want to have.

If you block ALL OUTBOUND and INBOUND by default, then only open
OUTBOUND for the need ports and then only for the internal IP's that
need those ports, then you are doing it right.

If you only allow inbound to specific nodes depending on need an
port/service type, then you are doing it right.



--

spam999free@rrohio.com
remove 999 in order to email me