Avatar for Username

Tìm kiếm hỗ trợ

Tránh các lừa đảo về hỗ trợ. Chúng tôi sẽ không bao giờ yêu cầu bạn gọi hoặc nhắn tin đến số điện thoại hoặc chia sẻ thông tin cá nhân. Vui lòng báo cáo hoạt động đáng ngờ bằng cách sử dụng tùy chọn "Báo cáo lạm dụng".

Tìm hiểu thêm

Chủ đề này đã được lưu trữ. Vui lòng hỏi một câu hỏi mới nếu bạn cần giúp đỡ.

Why allow unrestricted incoming access to Firefox in the firewall settings?

  • 1 trả lời
  • 5 gặp vấn đề này
  • 1 lượt xem
  • Trả lời mới nhất được viết bởi fbg00

AnonymousUser
AnonymousUser
more options

Quote from http://support.mozilla.com/en-US/kb/Configuring%20ZoneAlarm%20Free%20Firewall and similar help pages:

"Ensure that Firefox has a green check mark for each each category in the list - Access-Trusted, Access-Internet, Server-Trusted, Server-Internet: click on the ? icon for each category, and then select Allow."

DNS lookups are "connectionless" UDP. Outgoing TCP connections establish what incoming data is allowed. While (hopefully) a border firewall is in place, allowing all incoming connections at the computer's software firewall seems dangerous. Can a security expert please share a little rationale for this advice?

Quote from http://support.mozilla.com/en-US/kb/Configuring%20ZoneAlarm%20Free%20Firewall and similar help pages: "Ensure that Firefox has a green check mark for each each category in the list - Access-Trusted, Access-Internet, Server-Trusted, Server-Internet: click on the ? icon for each category, and then select Allow." DNS lookups are "connectionless" UDP. Outgoing TCP connections establish what incoming data is allowed. While (hopefully) a border firewall is in place, allowing all incoming connections at the computer's software firewall seems dangerous. Can a security expert please share a little rationale for this advice?

Tất cả các câu trả lời (1)

fbg00
fbg00
more options

For what it's worth, I recently started getting alerts from McAfee Internet Security suite that Firefox is attempting to allow incoming TCP connections. Unfortunately the log files are dismally un-informative so I haven't yet been able to determine the port, which plugin if one is involved, etc. I'll have to mess around with it a bit. I'll post an update if I find something interesting.