We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Buscar en Ayuda

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Why allow unrestricted incoming access to Firefox in the firewall settings?

  • 1 respuesta
  • 5 tienen este problema
  • 1 visita
  • Última respuesta de fbg00

more options

Quote from http://support.mozilla.com/en-US/kb/Configuring%20ZoneAlarm%20Free%20Firewall and similar help pages:

"Ensure that Firefox has a green check mark for each each category in the list - Access-Trusted, Access-Internet, Server-Trusted, Server-Internet: click on the ? icon for each category, and then select Allow."

DNS lookups are "connectionless" UDP. Outgoing TCP connections establish what incoming data is allowed. While (hopefully) a border firewall is in place, allowing all incoming connections at the computer's software firewall seems dangerous. Can a security expert please share a little rationale for this advice?

Quote from http://support.mozilla.com/en-US/kb/Configuring%20ZoneAlarm%20Free%20Firewall and similar help pages: "Ensure that Firefox has a green check mark for each each category in the list - Access-Trusted, Access-Internet, Server-Trusted, Server-Internet: click on the ? icon for each category, and then select Allow." DNS lookups are "connectionless" UDP. Outgoing TCP connections establish what incoming data is allowed. While (hopefully) a border firewall is in place, allowing all incoming connections at the computer's software firewall seems dangerous. Can a security expert please share a little rationale for this advice?

Todas las respuestas (1)

more options

For what it's worth, I recently started getting alerts from McAfee Internet Security suite that Firefox is attempting to allow incoming TCP connections. Unfortunately the log files are dismally un-informative so I haven't yet been able to determine the port, which plugin if one is involved, etc. I'll have to mess around with it a bit. I'll post an update if I find something interesting.