Comodo Firewall Pro - [2] :: Программы :: Компьютерный форум Ru.Board

Network Monitor:
BLOCK and LOG IP OUT FROM IP [Any] TO IP [Any] WHERE IPPROTO IS IGMP
BLOCK and LOG TCP or UDP IN FROM IP [Any] TO IP [Any] WHERE SOURCE PORT IS [Any] AND DESTINATION PORT IS IN [135,445]

Разрешение NetBIOS в локальной сети:
ALLOW and LOG TCP or UDP IN or OUT FROM IP ZONE:[Local Network] TO IP ZONE:[Local Network] WHERE SOURCE PORT IS [Any] AND DESTINATION PORT IS 137-139

Разрешение ping'а в локальной сети:
ALLOW and LOG ICMP OUT FROM IP ZONE:[Local Network] TO IP ZONE:[Local Network] WHERE ICMP MESSAGE IS ECHO REQUEST
ALLOW and LOG ICMP IN FROM IP ZONE:[Local Network] TO IP ZONE:[Local Network] WHERE ICMP MESSAGE IS FRAGMENTATION NEEDED
ALLOW and LOG ICMP IN FROM IP ZONE:[Local Network] TO IP ZONE:[Local Network] WHERE ICMP MESSAGE IS TIME EXCEEDED

Блокировка портов 135, 137-139 (NetBIOS) и 445 в И-нет зоне:
BLOCK and LOG TCP or UDP OUT FROM IP ZONE:[Internet Zone] TO IP [Any] WHERE SOURCE PORT IS IN [135,137,138,139,445] AND DESTINATION PORT IS [Any]
BLOCK and LOG TCP or UDP IN FROM IP ZONE:[Internet Zone] TO IP [Any] WHERE SOURCE PORT IS [Any] AND DESTINATION PORT IS IN [135,137,138,139,445]

DNS Server:
ALLOW and LOG UDP OUT FROM IP ZONE:[Internet Zone] TO IP DNS_server WHERE SOURCE PORT IS 1024-4999 AND DESTINATION PORT IS 53

Web Browser:
ALLOW and LOG TCP OUT FROM IP ZONE:[Internet Zone] TO IP [Any] WHERE SOURCE PORT IS 1024-4999 AND DESTINATION PORT IS 80-83
ALLOW and LOG TCP OUT FROM IP ZONE:[Internet Zone] TO IP [Any] WHERE SOURCE PORT IS 1024-4999 AND DESTINATION PORT IS 443

Mail Client:
ALLOW and LOG TCP OUT FROM IP ZONE:[Internet Zone] TO IP NAME:[pop.yandex.ru] WHERE SOURCE PORT IS 1024-4999 AND DESTINATION PORT IS 110
ALLOW and LOG TCP OUT FROM IP ZONE:[Internet Zone] TO IP NAME:[smtp.yandex.ru] WHERE SOURCE PORT IS 1024-4999 AND DESTINATION PORT IS 25

Comodo Submit:
ALLOW and LOG TCP OUT FROM IP ZONE:[Internet Zone] TO IP 195.92.253.141 WHERE SOURCE PORT IS 1024-4999 AND DESTINATION PORT IS 21
ALLOW and LOG TCP OUT FROM IP ZONE:[Internet Zone] TO IP 195.92.253.141 WHERE SOURCE PORT IS 1024-4999 AND DESTINATION PORT IS 1024-4999

Завершающее правило, блокирующее все:
BLOCK and LOG TCP or UDP IN or OUT FROM IP [Any] TO IP [Any] WHERE SOURCE PORT IS [Any] AND DESTINATION PORT IS [Any]

Application Monitor:

APPLICATION	DESTINATION	PORT	PROTOCOL	PERMISSION	PARENT
Opera.exe	195.92.253.137	80	TCP Out	Allow	cpf.exe
Opera.exe	[Any]	80-83	TCP Out	Allow	explorer.exe
Opera.exe	[Any]	443	TCP Out	Allow	explorer.exe
Opera.exe	DNS_server	53	UDP Out	Allow	explorer.exe
svchost.exe	[Any]	[135,445]	TCP/UDP In	Block	services.exe

Пока, для начала, примерно так... Наверное... IMHO...
В зону Local Network заносится диапазон локалки, в зону Internet Zone - соответственно. Вместо DNS_server'а подставляется соответствующий IP. В почтовом клиенте имена проставляются, соответственно, для POP и SMTP серверов (в примере - имена для Яндекса).

Добавлено:
И еще один БОЛЬШОЙ МИНУС: у сабжа нет "защиты от дурака", т.е. полное отсутствие защиты настроек.

Модерирует : gyra, Maz
Widok (12-12-2007 15:47): лимит страниц. продолжаем здесь	Версия для печати • Подписаться • Добавить в закладки
Страницы: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102