ENS - Port Security tab (overview)
Posted by Adrien de Croy (Import) on 30 January 2004 04:46 PM
The Port Security tab in the ENS configuration in WinGate is where you configure and customize how the WinGate Firewall handles the use of application ports. While it may look like a simple matter of allowing or preventing ports from being opened or closed, there are a number of advanced features that allow greater control over how traffic is handled through WinGate.
Any setting configured under the Port Security tab applies to all network interfaces. This means that for any interface/protocol (TCP/UDP) combination you can set a default action for all interfaces/packets.
(To understand how WinGate treats interfaces and private versus external IP addresses, please click here)
It is recommended that the defaults be kept, as these generally provide the safest approach to defending WinGate from network attacks.
Suggested Default Interface Action
The security filters included with the WinGate Port Security tab allow you to open or close ports depending on the applications that require access through WinGate, both to and from the Internet.
These security filters work by:
In simple terms, the Use Syn cookies option allows WinGate to control a session of packets before they are even allowed to enter the port, by keeping track of valid ACK requests from a host on the Internet, so that bogus packets (which can be used in a network attack called a SYN flood) have less chance of penetrating WinGate's defences.
This option is not ticked by default, to allow for maximum application session compatibility, and should only be enabled by administrators who are experienced with TCP session mechanisms.
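The check behind SYN cookies, shown as an added example that is not WinGate's code or part of the original article: it sketches the generic technique of validating the final ACK without storing any state for the SYN. The secret, MSS table, bit layout, slot length and function names are assumptions made for illustration.

```python
import hashlib, hmac, socket, struct

SECRET = b"constructed-demo-secret"  # constructed; a real stack uses a random secret
MSS_TABLE = [536, 1300, 1440, 1460]  # assumed table; its index rides in the cookie
SLOT_SECONDS = 64                    # assumed lifetime granularity of a cookie

def _mac(src, sport, dst, dport, client_isn, slot, idx):
    """24-bit keyed hash binding the cookie to one connection attempt."""
    msg = socket.inet_aton(src) + socket.inet_aton(dst) + struct.pack(
        "!HHIIB", sport, dport, client_isn, slot & 0xFFFFFFFF, idx)
    return int.from_bytes(hmac.new(SECRET, msg, hashlib.sha256).digest()[:3], "big")

def make_cookie(src, sport, dst, dport, client_isn, mss, now):
    """Sequence number for the SYN-ACK: 5 bits time slot, 3 bits MSS index,
    24 bits MAC. Nothing is stored, so a flood of SYNs fills no session table."""
    slot = int(now) // SLOT_SECONDS
    idx = max(i for i, m in enumerate(MSS_TABLE) if m <= mss or i == 0)
    mac = _mac(src, sport, dst, dport, client_isn, slot, idx)
    return ((slot & 0x1F) << 27) | (idx << 24) | mac

def check_ack(src, sport, dst, dport, client_seq, ack_num, now):
    """Validate the handshake's final ACK. Returns the MSS to use, or None
    when the ACK does not carry a cookie this host issued recently."""
    cookie = (ack_num - 1) & 0xFFFFFFFF         # client acknowledges cookie + 1
    client_isn = (client_seq - 1) & 0xFFFFFFFF  # client's sequence is its ISN + 1
    idx = (cookie >> 24) & 0x7
    if idx >= len(MSS_TABLE):
        return None
    current = int(now) // SLOT_SECONDS
    for slot in (current, current - 1):         # current or previous slot only
        if (cookie >> 27) != (slot & 0x1F):
            continue
        expected = _mac(src, sport, dst, dport, client_isn, slot, idx)
        if hmac.compare_digest(expected.to_bytes(3, "big"),
                               (cookie & 0xFFFFFF).to_bytes(3, "big")):
            return MSS_TABLE[idx]
    return None
```

Because the MSS is rounded down to a table entry and other TCP options from the SYN are not carried in the cookie, sessions set up this way can behave differently from normal ones, which is the compatibility trade-off the option's default reflects.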