Re: Internet facing Firewalls mDNS UPnP SMB

2024-08-06 Thread Joe
On Tue, 06 Aug 2024 09:44:32 +1000 George at Clug wrote: > > (I do recall being taught programming using machine code, once I > reached an environment that used assembler, I only used machine code > for debugging. At that time I was also introduced to programming > using BASIC via punch cards.

Re: Internet facing Firewalls mDNS UPnP SMB

2024-08-05 Thread Michel Verdier
On 2024-08-06, George at Clug wrote: > To disable port forwarding would this be a better method? "ceinture et bretelles" (I let you translate) > # echo 0 > /proc/sys/net/ipv4/ip_forward > # cat /etc/sysctl.conf > # Uncomment the next line to enable packet forwarding for IPv4 > #net.ipv4.ip_forwa

Re: Internet facing Firewalls mDNS UPnP SMB

2024-08-05 Thread john doe
On 8/6/24 01:47, George at Clug wrote: On Monday, 05-08-2024 at 22:25 john doe wrote: On 8/5/24 12:50, George at Clug wrote: On Monday, 05-08-2024 at 17:25 Michel Verdier wrote: On 2024-08-04, George at Clug wrote: You really need to be intimate with nftables, you might want to consider

Re: Internet facing Firewalls mDNS UPnP SMB

2024-08-05 Thread jeremy ardley
On 6/8/24 08:05, George at Clug wrote: Is it possible to be aware of all the ports required by systems/services like "AWS / Cloudflare / etc", such that it is possible to ensure any firewalls that are put in place do not inhibit the features of these systems? In AWS you have a Virtual Priv

Re: Internet facing Firewalls mDNS UPnP SMB

2024-08-05 Thread George at Clug
On Monday, 05-08-2024 at 23:27 Dan Purgert wrote: > On Aug 04, 2024, George at Clug wrote: > > > > > > On Sunday, 04-08-2024 at 16:15 john doe wrote: > > > On 8/4/24 06:48, jeremy ardley wrote: > > > > > > > > On 4/08/2024 12:26 pm, George at Clug wrote: > > > >> > > > >> If I go to the local

Re: Internet facing Firewalls mDNS UPnP SMB

2024-08-05 Thread Charles Curley
On Tue, 06 Aug 2024 09:44:32 +1000 George at Clug wrote: > This morning, after thinking on these things I realise I am wrong. > > I am showing both my ignorance and my stupidity. > > "Times have changed", "That was then, this is now". My compliments on your willingness to do so. It is not ea

Re: Internet facing Firewalls mDNS UPnP SMB

2024-08-05 Thread George at Clug
On Monday, 05-08-2024 at 22:25 john doe wrote: > On 8/5/24 12:50, George at Clug wrote: > > > > > > On Monday, 05-08-2024 at 17:25 Michel Verdier wrote: > >> On 2024-08-04, George at Clug wrote: > >> > >>> I think I finally have success (had to fix way too many typos). > >>> > >>> Please review,

Re: Internet facing Firewalls mDNS UPnP SMB

2024-08-05 Thread George at Clug
On Tuesday, 06-08-2024 at 04:12 Charles Curley wrote: > On Tue, 06 Aug 2024 01:12:08 +1000 > George at Clug wrote: > > > It would be nice if systems were not so complex that they required > > frontends to be usable. > > Perhaps it would be nice. But that's not the way of the world. I wrote >

Re: Internet facing Firewalls mDNS UPnP SMB

2024-08-05 Thread Charles Curley
On Tue, 06 Aug 2024 01:12:08 +1000 George at Clug wrote: > It would be nice if systems were not so complex that they required > frontends to be usable. Perhaps it would be nice. But that's not the way of the world. I wrote 6502 assembly code and hand-assembled it way back when. I was very glad t

Re: Internet facing Firewalls mDNS UPnP SMB

2024-08-05 Thread George at Clug
On Monday, 05-08-2024 at 21:52 Michel Verdier wrote: > On 2024-08-05, George at Clug wrote: > > > Down below is the output of the translation commands for my Iptables > > commands. Interesting but again, I will need to learn what this means, > > it does not look self explanatory. But hopefully

Re: Internet facing Firewalls mDNS UPnP SMB

2024-08-05 Thread George at Clug
On Monday, 05-08-2024 at 22:25 john doe wrote: > On 8/5/24 12:50, George at Clug wrote: > > > > > > On Monday, 05-08-2024 at 17:25 Michel Verdier wrote: > >> On 2024-08-04, George at Clug wrote: > >> > >>> I think I finally have success (had to fix way too many typos). > >>> > >>> Please review,

Re: Internet facing Firewalls mDNS UPnP SMB

2024-08-05 Thread George at Clug
On Monday, 05-08-2024 at 23:27 Dan Purgert wrote: > On Aug 04, 2024, George at Clug wrote: > > > > > > On Sunday, 04-08-2024 at 16:15 john doe wrote: > > > On 8/4/24 06:48, jeremy ardley wrote: > > > > > > > > On 4/08/2024 12:26 pm, George at Clug wrote: > > > >> > > > >> If I go to the local

Re: Internet facing Firewalls mDNS UPnP SMB

2024-08-05 Thread Dan Purgert
On Aug 04, 2024, George at Clug wrote: > > > On Sunday, 04-08-2024 at 16:15 john doe wrote: > > On 8/4/24 06:48, jeremy ardley wrote: > > > > > > On 4/08/2024 12:26 pm, George at Clug wrote: > > >> > > >> If I go to the local coffee shop and connect my laptop to their WiFi, > > >> which incoming

Re: Internet facing Firewalls mDNS UPnP SMB

2024-08-05 Thread john doe
On 8/5/24 12:50, George at Clug wrote: On Monday, 05-08-2024 at 17:25 Michel Verdier wrote: On 2024-08-04, George at Clug wrote: I think I finally have success (had to fix way too many typos). Please review, and please comment if it can be improved. Don't fix typo and instead rewrite your

VM, wifi, NAT (was: Re: Internet facing Firewalls mDNS UPnP SMB)

2024-08-05 Thread Max Nikulin
On 05/08/2024 17:50, George at Clug wrote: I am also a bit concerned about the statement "table ip nat", I do not want [e.g. need] any Network Address Translation occurring. Re: VirtualBox (VB) and Window

Re: Internet facing Firewalls mDNS UPnP SMB

2024-08-05 Thread Michel Verdier
On 2024-08-05, George at Clug wrote: > Down below is the output of the translation commands for my Iptables > commands. Interesting but again, I will need to learn what this means, > it does not look self explanatory. But hopefully, like everything > computer related, it is usually not that compl

Re: Internet facing Firewalls mDNS UPnP SMB

2024-08-05 Thread George at Clug
On Monday, 05-08-2024 at 17:25 Michel Verdier wrote: > On 2024-08-04, George at Clug wrote: > > > I think I finally have success (had to fix way too many typos). > > > > Please review, and please comment if it can be improved. > > Don't fix typo and instead rewrite your rules with nftables > h

Re: Internet facing Firewalls mDNS UPnP SMB

2024-08-05 Thread Michel Verdier
On 2024-08-04, George at Clug wrote: > I think I finally have success (had to fix way too many typos). > > Please review, and please comment if it can be improved. Don't fix typo and instead rewrite your rules with nftables https://wiki.nftables.org/wiki-nftables/index.php/Moving_from_iptables_to

Re: Internet facing Firewalls mDNS UPnP SMB

2024-08-05 Thread Michel Verdier
On 2024-08-04, George at Clug wrote: > I do like the idea of blocking all outbound connections, and only > opening ports that are required for whatever services I want to use. I do the same. > For servers I often do, but for workstations, sadly I am often lazy and > default to allowing all outgo

Re: Internet facing Firewalls mDNS UPnP SMB

2024-08-04 Thread George at Clug
On Sunday, 04-08-2024 at 18:48 Christofer C. Bell wrote: > On Sun, Aug 4, 2024 at 3:12 AM George at Clug wrote: > > > > > > > On Sunday, 04-08-2024 at 16:15 john doe wrote: > > > On 8/4/24 06:48, jeremy ardley wrote: > > > > > > > > On 4/08/2024 12:26 pm, George at Clug wrote: > > > >> > > > >

Re: Internet facing Firewalls mDNS UPnP SMB

2024-08-04 Thread jeremy ardley
On 4/8/24 16:11, George at Clug wrote: I do like the idea of blocking all outbound connections, and only opening ports that are required for whatever services I want to use. For servers I often do, but for workstations, sadly I am often lazy and default to allowing all outgoing traffic. Let

Re: Internet facing Firewalls mDNS UPnP SMB

2024-08-04 Thread Christofer C. Bell
On Sun, Aug 4, 2024 at 3:12 AM George at Clug wrote: > > > On Sunday, 04-08-2024 at 16:15 john doe wrote: > > On 8/4/24 06:48, jeremy ardley wrote: > > > > > > On 4/08/2024 12:26 pm, George at Clug wrote: > > >> > > >> If I go to the local coffee shop and connect my laptop to their WiFi, > > >> w

Re: Internet facing Firewalls mDNS UPnP SMB

2024-08-04 Thread George at Clug
On Sunday, 04-08-2024 at 16:15 john doe wrote: > On 8/4/24 06:48, jeremy ardley wrote: > > > > On 4/08/2024 12:26 pm, George at Clug wrote: > >> > >> If I go to the local coffee shop and connect my laptop to their WiFi, > >> which incoming and now outgoing ports should I have blocked to ensure >

Re: Internet facing Firewalls mDNS UPnP SMB

2024-08-03 Thread john doe
On 8/4/24 06:48, jeremy ardley wrote: On 4/08/2024 12:26 pm, George at Clug wrote: If I go to the local coffee shop and connect my laptop to their WiFi, which incoming and now outgoing ports should I have blocked to ensure that no nefarious people are able to communicate with my laptop The r

Re: Internet facing Firewalls mDNS UPnP SMB

2024-08-03 Thread jeremy ardley
On 4/08/2024 12:26 pm, George at Clug wrote: If I go to the local coffee shop and connect my laptop to their WiFi, which incoming and now outgoing ports should I have blocked to ensure that no nefarious people are able to communicate with my laptop The rules for public networks are very si

Internet facing Firewalls mDNS UPnP SMB

2024-08-03 Thread George at Clug
Hi, Thanks to all who have been explaining mDNS nsswitch, etc. I had not realised how 'chatty' our computers have become. If I go to the local coffee shop and connect my laptop to their WiFi, which incoming and now outgoing ports should I have blocked to ensure that no nefarious people are