Questions tagged [firewalls]
Concerned with software or hardware firewalls
1,165
questions
1
vote
4
answers
104
views
Is firewall needed when a VPS is used to run a single service?
Consider the following cases.
A vps running a selfhosted service which is listening on port 1234.
Case 1: There is firewall configured that blocks all incoming connections by default. Now port 1234 ...
1
vote
1
answer
88
views
How exactly do corporate companies decrypt employee SSL/HTTPS traffic on company owned corporate devices? [duplicate]
I understand that corporate companies can/do decrypt employee SSL/HTTPs traffic because the company owned device has a company owned SSL certifiate.
I thought the first certificate would encrypt the ...
1
vote
0
answers
61
views
How to include the coreruleset rules in OPNsense firewall WAF (Nginx)
I want to integrate ModSecurity into the WAF to ensure I'm protected with OWASP Top 10 security mitigations. I'd appreciate your guidance if there are any specific configurations you recommend for ...
0
votes
0
answers
43
views
Multiple firewalls running on the same machine
On my machine, I have had the Bitdefender firewall and the default Windows firewall running for some time. In the past, I have set rules and exceptions such as to block ads on certain applications. ...
0
votes
1
answer
44
views
Whitelist at network level, application level, or both?
I have a public-facing SFTP instance. When applying the whitelist/allow-list of IP addresses that are allowed to connect to this instance, should I enforce the list on the network/firewall level, the ...
0
votes
1
answer
92
views
Our server in a our client's network - What possible attacks are there?
I apologise in advance for this question being very sparse in details and sounding rather hypothetical, reasons for this are hopefully explained below. I am not a security expert, but I am in a ...
0
votes
2
answers
136
views
Is it possible to make whitelisted software do custom, malicious things?
Let's say there's a keylogger secretly installed in an employee's computer. The keylogger recorded a bunch of information, but the well-configured firewall blocked the keylogger from sending that ...
0
votes
1
answer
245
views
How to block 192.168.0.1 for connected clients?
I installed Raspberry Pi OS on a RPi 3B, then I installed NetworkManager, set the Ethernet connection to "Shared to other computers" and connected an ethernet cable between the RPi and a ...
0
votes
1
answer
118
views
Can a Reverse Proxy be used instead of port filtering?
I want to limit access from the Internet to my Web server but the clients will have a dynamic IP address so the best I can do is to whitelist all addresses belonging to that specific mobile carrier ...
0
votes
0
answers
90
views
Perimeter IP Address Blocking
Currently we have a Palo Alto FW that serves as our perimeter devices for our network. We are required by our contract to block certain IP addresses. Over time this list has grown to almost 150k ...
1
vote
1
answer
209
views
Network security in Docker containers
I am currently involved in enhancing the security of a Docker-based web application.The application follows a traditional three-tier architecture, comprising a web app, an application layer, and a ...
1
vote
1
answer
182
views
ThreatFox alert on Cloudflare IP
On our company network, suricata just raised the following (single) alert:
{
"timestamp": "2024-01-05T12:42:28.511703+0100",
"flow_id": 1276412390854359,
&...
1
vote
2
answers
300
views
Random High Ports - Firewall Config
I'm from a digital forensics background and it has been a while since I studied networking and so am a little rusty on a few aspects. I am looking to implement a remote forensics solution within an ...
0
votes
0
answers
106
views
W-Firewall blocks Port 135 if using IPsec Kerberos V5 User Authentication
i am about to implement IPsec to achive a zero trust environment, in order to do so i am using the Windows Firewall with IPsec Rules (Allow the Connection if it is secure).
Everything works fine, but ...
2
votes
2
answers
203
views
Firewall to allow responses but block new connections
I wonder if a firewall can support this case. There are two servers: A and B.
A can send a request via an open port to B and B must respond to A during this connection.
B cannot send a request on its ...