firewall rules

Marcel P. · 09-09-10, 05:33 PM

Read here about how ports 137 - 139, 445 are common attack ports from
hackers. In online armor I see those ports had rules to allow them so I
removed those rules and made a rule to block 137-139, 445 in/out TCP/UDP.
Was that a good rule to make or just a waste of time?

VanguardLH · 09-09-10, 06:40 PM

Marcel P. wrote:

> Read here about how ports 137 - 139, 445 are common attack ports from
> hackers. In online armor I see those ports had rules to allow them so I
> removed those rules and made a rule to block 137-139, 445 in/out TCP/UDP.
> Was that a good rule to make or just a waste of time?

Allowed those ports WHERE? You never mentioned what OA's rules actually
said. Maybe they allowed access to ports only on your intranet (i.e.,
all your hosts with 192.168.x.x since those IPs are not routable).
Plus, if you're using a router, it probably has rules to block those
ports from outside connections. If you have a router and its firewall
is already protecting you from external connects on those NetBIOS ports,
do you still need to protect yourself from hosts inside your own private
network?

Marcel P. · 09-10-10, 02:23 PM

On Thu, 9 Sep 2010 18:40:39 -0500, VanguardLH wrote:

> Marcel P. wrote:
>
>> Read here about how ports 137 - 139, 445 are common attack ports from
>> hackers. In online armor I see those ports had rules to allow them so I
>> removed those rules and made a rule to block 137-139, 445 in/out TCP/UDP.
>> Was that a good rule to make or just a waste of time?
>
> Allowed those ports WHERE? You never mentioned what OA's rules actually
> said. Maybe they allowed access to ports only on your intranet (i.e.,
> all your hosts with 192.168.x.x since those IPs are not routable).
> Plus, if you're using a router, it probably has rules to block those
> ports from outside connections. If you have a router and its firewall
> is already protecting you from external connects on those NetBIOS ports,
> do you still need to protect yourself from hosts inside your own private
> network?

What the rule had said was system allow TCP/UDP 137-139,445 in/out but had
seperate rules for TCP and UDP. Online Armor set those rules automatically.
I can't use my own router because I also get TV via telephone cable and it
has to go through the router my ISP supplied and the rules set are medium
security level and I don't know if it blocks those ports or not at mediium
security level. Was told not to change the security level by the installer
so decided to set my own rules in the software firewall.

What if I disable firewal in the provided router and then connect my own
router to that router and use my own router for just the internet and
theirs just for TV. Will that work? My onw router has Tomatoe firmware and
has a lot more options to configure so would rather use my own.