To block a port?


Open N.AV. Options > Firewall > Advanced Settings > In the General Rule, select “New” > Block > Select the Connections’ Block (Recommend the third one) > Any computer > Select the Protocol > “Only communications which…” select that one > Add > Individual specified Ports > Enter Port 3398 and Local > Select if you want to be Notified when it Blocks this > Enter the Name of the Rule you want > Click Next then Finish.

Hi

3389 is generally used for remote assistance. Remote Desktop etc.

Block it by setting up a rule, Settings - Internet Settings - General Rules.

1. Click the "Add" button

2. Tick "Block do not allow connections that match this rule". Then click Next.

3. Tick "Connections from other computers" then Next.

4. "Any computer" is already ticked so click Next.

5. Tick "Only communications that match all types of ports listed below". Click Add.

6. See screenshot.

Click OK.

7. Then just click "Next" and Next and then Finish.

It will now show up as a "Firewall Rule" at the bottom of the list of General Rule. Click Modify to change anything for that rule.

Bye

Quads

 

 

 

 



Why did you Post that if it is the same instructions as mine?

Hi Floating Red

 

I was typing out and uploading the screenshot at the same time as you were posting, within about a minute.

When I clicked "submit post" your post also showed up at the same time as mine.

 

When I started my message yours wasn't there.

 

Sorry

 

Quads 

Sorry Boys, I have NAV2008 so the screen is different.

You mean you have NIS 2008. Then in that case upgrade to NIS 2009 for free.


NY1986 wrote:
Sorry Boys, I have NAV2008 so the screen is different.

 

It will still look like that.

Thanks guys I decided to block inbound connections to port 3389

I was somewhat confused on the local vs remote selection, so I did both. Would that cause problems?

 

Set up as Follows:

Action-   Block

Direction-  Inbound

Computer-  Any

Communications- Specific

Protocol-  TCP/UDP

 

after I set the rule I look at it and it shows:

 

 

Firewall Rule-

Action-   Block

Direction-  Inbound

Computer-  Any

Communications- TCP/UDP

local port 3389

remote port 3389

Protocol- TCP/UDP

 

Does this sound right? I wasn't sure if it should be local port 3389 or remote port 3389 so I did them both. Do I also need to set an outbound rule?

 

You're close, but need to make one change. Change the remote port to "any". Your goal is to prevent anybody connecting to your local port 3389. You don't care where they're coming from.

 

You probably could make the protocol TCP only. Making it TCP/UDP is overkill.

 

Also, you're trying to protect inbound connections so there's no need for an outbound rule.
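
The difference between the two versions of the rule discussed above, as an added example that is not part of the original posts: a small Python model of port matching. It assumes the firewall requires every listed port condition to match (as the option text "match all types of ports listed below" suggests); the class names and sample packets are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    """First packet of a connection attempt, as seen by the host firewall."""
    direction: str      # "inbound" or "outbound"
    protocol: str       # "TCP" or "UDP"
    local_port: int     # port on the protected computer
    remote_port: int    # port on the other computer

@dataclass(frozen=True)
class BlockRule:
    direction: str
    protocols: frozenset
    local_port: Optional[int] = None    # None means "any"
    remote_port: Optional[int] = None   # None means "any"

    def matches(self, pkt: Packet) -> bool:
        # Assumption: every listed condition must hold for the rule to apply.
        return (pkt.direction == self.direction
                and pkt.protocol in self.protocols
                and self.local_port in (None, pkt.local_port)
                and self.remote_port in (None, pkt.remote_port))

def blocked(rule, packets):
    """Return one True/False per packet: True when the rule blocks it."""
    return [rule.matches(p) for p in packets]

BOTH = frozenset({"TCP", "UDP"})
# Rule as first posted: local port 3389 AND remote port 3389.
first_try = BlockRule("inbound", BOTH, local_port=3389, remote_port=3389)
# Rule after the advice: local port 3389, remote port "any".
corrected = BlockRule("inbound", BOTH, local_port=3389)

# Constructed sample traffic (not taken from the thread's logs).
SAMPLE = [
    Packet("inbound", "TCP", 3389, 51514),   # typical client: ephemeral source port
    Packet("inbound", "TCP", 3389, 3389),    # rare: source port happens to be 3389
    Packet("inbound", "UDP", 3389, 40211),
    Packet("outbound", "TCP", 49200, 3389),  # this PC connecting out to another host
    Packet("inbound", "TCP", 445, 51515),    # different local port, not covered
]

if __name__ == "__main__":
    for name, rule in (("first_try", first_try), ("corrected", corrected)):
        print(name, blocked(rule, SAMPLE))
```

Under that assumption the first version of the rule only stops the rare inbound connection whose source port is also 3389, while the corrected rule stops every inbound attempt on local port 3389 and leaves outbound traffic alone.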

 

so to change the remote port to “any” do I have to type “any” or put the whole range of ports?

Message Edited by NY1986 on 10-06-2008 04:16 PM

I don't have a 2008 product readily available but I believe that you just remove the remote 3389 from the list, or if you create a new rule, don't specify a remote 3389.

OK  I reset the rule as follows 

Action-   Block

Direction-  Inbound

Computer-  Any

Communications- Specific

Protocol-  TCP/UDP

 

 after I set the rule I look at it and it shows: 

 Firewall Rule-

Action-   Block

Direction-  Inbound

Computer-  Any

Communications- TCP/UDP

local port 3389

Protocol- TCP/UDP 

so there is no remote port blocked. So that should block any traffic that attempts to come inbound to my computer on port 3389?

 Will it block connections?

Or just the exchange of data?




 

The only suggestion I would make would be to check your Logs to see what Protocol it is, e.g. T.C.P. and change it to whatever it is.

 

It will Block anything that tries to Access - In-coming - that Port.  Your computer will be able to Access the Port - Out-going; basically, the only way for another computer to contact your computer would be if your computer contacted it first.  Let me know if you would like more of an explanation.

The times I noticed inbound connections on my logs, I don’t recall if it was TCP or UDP. That is why I blocked both protocols.

Not directly related to this, I have noticed in the past inbound UDP exchange via my port 53. Of course this is concerning as well

I know it is painfully obvious, but I worry too much about all this. However, I wonder why there would ever be any need for a home PC user like myself to have ANY unsolicited inbound attempts? I mean what reason would a user want to allow unsolicited inbounds? If you need updates, you would send out the request. I’m not worried but curious

Stop worrying already and get a router. Be done with all this. LOL. You question things too much.


NY1986 wrote:

Not directly related to this, I have noticed in the past inbound UDP exchange via my port 53. Of course this is concerning as well


Inbound UDP to 53 is normal. It is part of DNS resolution.

Just Google port 53 and you will get your answer.

 

 http://www.grc.com/port_53.htm

 

http://www.chaminade.org/MIS/Articles/FirewallPortSecurity.htm