I'm going to side with Carlos on this one.. While the Windows firewall may not do everything or be very good at what it does do, it may offer just enough to be useful in your situation.
It has the advantage of being already built in and the netsh configuration is very handy. </0.02c> > On Sun, Dec 6, 2009 at 8:59 AM, Robin Wood <[email protected]> wrote: >> Hi >> I'm not a windows user so the answer to this might be obvious to >> others but I'm looking for a firewall that will allow me to easily >> block single ports in and outbound without having to mess around with >> going through loads of menus or saying which applications are allowed >> to talk. I also don't want any windows smart-arsed stuff going on >> where it automatically blocks things like ICMP by default. >> >> I would say I want something like iptables but that implies I want >> loads of power which I don't, I just want easy to setup and no >> surprises. >> >> The context for this is I teach a hacking course and want to be able >> to use the same VM for a number of exercises, for one I'll allow >> access to the vulnerable ftp server, for the next I want to close that >> port so the attackers have to go in a different way. I also want to be >> able to close outbound ports so when they use Metasploit reverse >> shells on the default port of 4444 they don't get anything so have to >> change port numbers. >> >> What would people recommend? >> >> Robin >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com >> > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
