application-firewall questions - Page 1

marc esher

Asked: 2012-01-07 12:22:19 +0800 CST

Does IIS7 have in-built, or available extensions, for responding to scan attempts?

4

Does IIS7 have an in-built mechanism, or are extensions available, for providing web-application-firewall type behavior?

For example, dozens of successive attempts come in that look like scan attempts (eg http://linux.m2osw.com/zmeu-attack). Or dozens come in with obvious XSS or maybe SQL Injection attributes. I'm curious if IIS can respond, perhaps by dropping the request entirely before forwarding on to the application server. I'm thinking of something perhaps like mod_security, but for IIS

punkish

Asked: 2011-09-18 08:26:01 +0800 CST

enabling incoming connections in Mac OS X Lion firewall via command line

3

$sudo /usr/libexec/ApplicationFirewall/socketfilterfw --listapps
ALF: total number of apps = 2 

1 :  /Applications/some.app 
 ( Allow incoming connections ) 

2 :  /Applications/another.app 
 ( Block incoming connections )

The above command shows that another.app is a part of my firewall trusted apps list, but it is set to block incoming connections. How can I set it to allow incoming connections from the command line, and make the change effective immediately?

adudley

Asked: 2011-06-11 02:58:18 +0800 CST

A software firewall with web interface / login possibilities for single windows server

2

We have a single web server with SQL server etc (all MS, server 2008 web etc).

We need to allow access to the database directly so our customer can write reports (it's the way SSRS is!). We original had the DB just sitting on the internet, you wouldn't believe how many attempts were made to get into the sa account!

sa account renamed to something else now, and we are using the Windows Firewall.

thing is, some of the customers work from home, with dynamic IP addresses, so they have to mail each day/weeek/router reboot, and I have to remote desktop in to allow that IP address.

IS THERE A BETTER WAY? I was thinking of a web interface for the firewall, they can add their own IP address, or preferably, they just log in, and it allows access to everything from that IP, or something like that.

chiggsy

Asked: 2011-02-11 08:01:40 +0800 CST

What is an "application firewall"?

5

Trying to find out more about apple's "Firewall". What exactly is it?

In /usr/libexec/ApplicationFirewall

there are a bunch of undocumented programs, I've wandered through the mystery maze of the OSx docs... but they dont even mention it. What kind of thing is it?

Snipper

Asked: 2009-05-29 17:45:13 +0800 CST

Application firewalls on IIS

2

I'm looking for security solutions for my web servers from within the web service level. Is there any software that can run on top of IIS in Windows? Further, are there any best-practices that web administrators follow to secure their servers? (ASP.NET, IIS6 or IIS7, and server 2003 or 2008 supported)

I've heard of application firewalls such as dotDefender, but it's costly. I see this as an extra level of security that could help stop intruders breaking not so well coded sites.

Does IIS7 have in-built, or available extensions, for responding to scan attempts?

enabling incoming connections in Mac OS X Lion firewall via command line

A software firewall with web interface / login possibilities for single windows server

What is an "application firewall"?

Application firewalls on IIS

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?

Questions[application-firewall](server)