Jump to content

Personal Firewall configuration w/o user interaction

muchlux

By muchlux
in Networks and the Internet

 Share

Recommended Posts

muchlux

muchlux

Posted
Posted

Hi, I want to setup a Personalfirewall (Freeware) for some PC newbies.

(Kids surfing the internet via dial-in)

Possible Firewalls are Kerio2.1.5-4.2.3; Sygate5.6; Outpost2.7

The firewall shall not ask the user for apps to allow/block !!!!!

So I need a configuration which is not application dependant.

- block inbound access

- allow streaming media like realmedia

- allow software updates of the installed apps (various)

- IE6 + Outlook express should work

- block all other unneeded port access

Any comments+help is appreciated.


clavicle

clavicle

Posted
Posted

Your options of unattended use of f/wall are bit difficult to achieve the way you are suggesting.

Firstly, an application which may otherwise be allowed to access net may be denied access if it is launched by some other application: like IE launched by microsoft word, or any other application. So in that case you still have to select for the option either to allow or not.

Streaming media like real or media player if being approached through respective player will always be allowed once you select it, but in case you are using streaming option through already opened browser, say IE, it will also be played.

S/ware updates once allowed will again be asked for approval by the user, because after update lot many files change and they present new signatures to the f/wall.

The best option I can suggest you for this workaround would be to use a firewall, say Sygate (I use this one), run all the programs possible, allow the access to those whom you want and block others. Then backup following files from Program Files\Sygate\Spf\ directory or the directory of your install and copy these files in all pcs same directory to get those settings replicated. (You may have to disable sygate f/wall before copying, both from and to).

debug.log

Default.dat

Default.dat.bak

stddef.dat

Stddef.dat.bak

StdState.dat

StdState.dat.bak

syslog.log

tralog.log

TState.dat

TState.dat.bak

TSysConf.xml

(These files are in the sortorder of modified last)

muchlux

muchlux

Posted
  • Author
Posted

Thanks for the quick reply, but the problem is that the users install programs after the firewall has been setup.

And I do not know if they are capable to decide which access to allow/block.

(I use Sygate5.6 and Kerio2.1.5 at home and even for me it's boring to be frequently asked for allow/block apps!)

So my intention was to simulate a simple hardware firewall which is part of most DSL or WLAN routers.

clavicle

clavicle

Posted
Posted
So my intention was to simulate a simple hardware firewall which is part of most DSL or WLAN routers.

So I think limitations are well known to you! Try to work out in these !

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...