Ens - Firewall tab (overview)
Posted by Adrien de Croy (Import) on 30 January 2004 05:02 PM
The Firewall tab in the ENS properties of GateKeeper, on the WinGate machine contains some general options for Firewall configuration, and sets some logging rules to allow administrators to collect the appropriate data about Network attacks and intrusions.
Enhanced Security Options
- Disable Network name broadcasts to the Internet
Checked by default stops LAN traffic from broadcasting their Netbios network details to the Internet.
- Allow users to ping this machine locally.
This allows clients to be able to test TCP/IP connectivity to the WinGate server via ICMP ping utility and is checked by default.
- Allow users to ping this machine from the Internet
Not checked by default, as there are some will known ping type attacks that can be generated by attackers on the Internet.
- Discard Spoof packets
This option is enabled by default, WinGate will check to ensure that the source IP address in the packet header is really the computer that made the request. If it is not, the packet will be discarded. This is also a well known form of exploitation on the Internet.