Hi,
Could someone explain me how to achieve this:
Allow all outbound connection to Microsoft servers but deny inbound connection to SMB, RPC, and all other vulnerable services.
ATM I tried to:
- Uncheck NetBIOS and trusted for all local LAN (LAN tab), Allow all TCP and UDP outbound connection ("Global Rules" tab)
Result: Cannot map server drive
- Check NetBios (Uncheck Trusted) for all local LAN (LAN tab), Block all inbound connection (with high priority checked) on concerned ports (TCP/445, UDP/445, TCP/139, TCP/135, etc..) ("Global Rules" tab)
Result: Can map server drive but other computers can also map the computer drive
Nmap result:
Scanning computer (x.x.x.x) [1000 ports]
Discovered open port 445/tcp on x.x.x.x
Discovered open port 3389/tcp on x.x.x.x
Discovered open port 139/tcp on x.x.x.x
Discovered open port 8193/tcp on x.x.x.x
Discovered open port 8194/tcp on x.x.x.x
Discovered open port 8192/tcp on x.x.x.x
NB. Applications tab have only outbound rules or generic one
Process tab is empty
I don't get it... what's the problem?
Thanks,
Hugues
This thread was automatically locked due to age.