 gwionwild colonial boyPremium,ExMod 2001-08 join:2000-12-28 Pittsburgh, PA kudos:1 | reply to Hutch
Re: Ad Filtering Programs keep Ports open
In particular to you, Judge:
I'm not sure what you're saying, but if it's that the ports show only when you drop the firewall, that's probably a-OK. Most filters are proxy servers, and I've used a few of those, but never Naviscope (I use Proxomitron, myself, in the filters department). Do you set a proxy in your browser to use the filter? If so, it's acting as a proxy server. Those ports should not be available from the internet, if the firewall's running, and you can and should use ZAP to make a rule blocking outside access to any proxies you run. Open proxy servers can be an immense security risk. Odd set of ports for a proxy to be listening on... I always promptly restrict any local proxy like that to localhost, NOT the LAN address of my NIC, whenever I set anything up like that, myself...
More Generally, more miscellaneous proxy server ramblings:
If you have an option to do so, make sure that the proxy binds only to localhost, 127.0.0.1, if it's only for use from that machine... some I've seen default to bind to INADDR_ANY, meaning they accept connections on any interface available on that computer... I don't like that, and I think it's an incredible risk. If you run a proxy for filtering only, and only need to reach it from that machine, find the settings and tell it to bind address 127.0.0.1 - nothing else, unless it absolutely has to be available from the LAN. Set the browser, etc., to use localhost:[proxyport]. Then find the administrative interface settings, and restrict administrative access to 127.0.0.1, too.
Well, I may be dead wrong, but that's my instinct. Also, you can make the ports your proxy accepts connections on accessible only from localhost, on a rules-based firewall; make sure your browser is set to localhost, not your LAN address. I, personally, would pick other ports... 8080/81 or some other high range preferably. 80's a heavily scanned port, if nothing else. One last tip... if you have a router, by all means, you can block your proxy's active ports at the router. That will help ensure that only local connections are made to the proxy server. Set up with all or any one or combination of the above, almost any local server can be made pretty virtually invisible from the outside, mutatis mutandis. Hope my mind dump makes some sense, and maybe helps out a bit. Good luck.
-- Man will occasionally stumble over the truth, but most times he will pick himself up and carry on. - Sir Winston Churchill
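Added example, not part of the thread or written by any poster: a way to check the binding advice in the post above by reading `netstat -an` output and flagging proxy listeners that are bound to all interfaces or to a LAN address instead of loopback. The sample rows, addresses and ports are constructed, and the function names are hypothetical.

```python
import ipaddress

# Constructed `netstat -an` sample (Windows- and Linux-style rows); all
# addresses and ports are made up for illustration, not taken from the thread.
SAMPLE = """\
  TCP    0.0.0.0:8080        0.0.0.0:0        LISTENING
  TCP    127.0.0.1:8081      0.0.0.0:0        LISTENING
  TCP    192.168.1.10:3128   0.0.0.0:0        LISTENING
  TCP    [::1]:8118          [::]:0           LISTENING
  TCP    192.168.1.10:1042   203.0.113.5:80   ESTABLISHED
tcp6   0   0 :::8080         :::*             LISTEN
"""

def classify_bind(host):
    """Say how widely a listening address is reachable."""
    host = host.strip("[]")
    if host == "*":                      # some netstat builds print * for any
        return "all-interfaces"
    ip = ipaddress.ip_address(host)
    if ip.is_unspecified:                # 0.0.0.0 or ::, i.e. INADDR_ANY
        return "all-interfaces"
    if ip.is_loopback:                   # 127.0.0.0/8 or ::1
        return "loopback-only"
    return "single-interface"            # e.g. the NIC's LAN address

def listeners(netstat_text):
    """Return (port, host, exposure) for every listening TCP socket."""
    found = []
    for line in netstat_text.splitlines():
        tok = line.split()
        if len(tok) < 3 or not tok[0].lower().startswith("tcp"):
            continue
        if not tok[-1].upper().startswith("LISTEN"):
            continue
        local = next((t for t in tok[1:] if ":" in t), None)
        if local is None:
            continue
        host, _, port = local.rpartition(":")
        found.append((int(port), host.strip("[]"), classify_bind(host)))
    return found

def exposed(netstat_text, proxy_ports):
    """Listeners on the given proxy ports that are not loopback-only."""
    return [l for l in listeners(netstat_text)
            if l[0] in proxy_ports and l[2] != "loopback-only"]

if __name__ == "__main__":
    for port, host, kind in exposed(SAMPLE, {8080, 8081, 3128, 8118}):
        print(f"port {port} bound to {host}: {kind}")
```

An empty result for the proxy's ports means every listener on them is loopback-only; a firewall or router rule is still a separate layer on top of that.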
wayaunegaThe Most Hated Of All Posters join:2001-02-21 Asheboro, NC
ok so just a question to simplify my understanding of what you said.
nutshell--> most filtering software works along the same premise as using a host file in that it detects ads by whatever means and diverts it to a localhost address, right?
-- ....common sense isn't too common anymore....