Welcome, Guest. Please login or register.
Did you miss your activation email?
Friday 27 December 2024, 11:40:55 pm

Login with username, password and session length

CLICK HERE for the The official Endian Roadmap and Issue tracker
14262 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  General Support
| | |-+  Port forwareding
0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Port forwareding  (Read 9639 times)
Tokas
Jr. Member
*
Offline Offline

Posts: 2


« on: Thursday 07 March 2013, 07:09:17 pm »

i have 2.3 version and dont understand something....i wanted to open one port so some program can access internet....i was looking at dnat to do that but i couldnt...i searched internet but couldnt get it done....so i set rule on 'outgoing traffic' and it worked....now can you tell me is that it?must i config something else?is my network safe?i didnt have any contact with hardware firewall so i musat ask these questins Cheesy 
Logged
karlhenselin
Jr. Member
*
Offline Offline

Posts: 5


« Reply #1 on: Wednesday 15 May 2013, 09:30:46 pm »

if you want to access something on the Internet, outgoing is the right one.
If you want to access something inside from outside, then you need DNAT.
Logged
Syntax42
Full Member
***
Offline Offline

Posts: 19


« Reply #2 on: Saturday 18 May 2013, 12:27:31 am »

To clarify, an outgoing firewall prevents connections from being established from inside your network to the outside.  This can be helpful in preventing malicious programs which use uncommon ports from sending information out, but can also prevent desired programs from connecting to the internet.  The most practical application of the outgoing firewall is reducing the use of unauthorized programs on a corporate network, but this may not be effective because many programs are using common internet ports and protocols to bypass firewall restrictions.

Unless you have a server running inside your network, you should not forward ports.  Doing so enables connections to be made from the outside directly to the computer the ports are forwarded to, at any time.  If that computer has a service listening on that port, and that service has a vulnerability or bug, an attacker could potentially exploit that service to do harm to that computer or your entire network.  Closing ports is considered an effective line of defense against attackers, which is why standard routers are suggested for use in every network, as a bare minimum.

If you opened a port on your outgoing firewall, that does not allow traffic to return to you on that port unless your computer established a connection with an outside computer first.  Then, only that IP address can send data to you on that port, which doesn't create a significant risk.  Typically, ports remain open for a short duration, and close after no communication is used on that port by your computer or the computer you are communicating with.  I'm not sure of the exact time, but it seems to be around a minute.
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.063 seconds with 17 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com