Results 1 to 4 of 4
  1. #1
    Star Lounger
    Join Date
    Dec 2009
    Location
    Nashville
    Posts
    53
    Thanks
    11
    Thanked 1 Time in 1 Post

    Network security compliance test / router settings

    I'm trying to get through a compliance test to use credit card processing in a home network environment. The particular system I'm using is an XP SP2 with MS Security Essentials and the Windows Firewall turned on, hardwired to a password-protected wireless router. Here is the question that stumped me:

    "Does your firewall configuration specifically deny all unnecessary inbound and outbound traffic (for example by using an explicit "deny all" or an implicit deny after allow statement)?"

    I cannot translate this question to anything in the router configuration that seems to match or even hint at what "unnecessary" really means in this context. Can anyone help clarify what they are asking for? Thanks!
    Last edited by imjcarls; 2013-06-06 at 11:33.

  2. Subscribe to our Windows Secrets Newsletter - It's Free!

    Get our unique weekly Newsletter with tips and techniques, how to's and critical updates on Windows 7, Windows 8, Windows XP, Firefox, Internet Explorer, Google, etc. Join our 480,000 subscribers!

    Excel 2013: The Missing Manual

    + Get this BONUS — free!

    Get the most of Excel! Learn about new features, basics of creating a new spreadsheet and using the infamous Ribbon in the first chapter of Excel 2013: The Missing Manual - Subscribe and download Chapter 1 for free!

  3. #2
    Silver Lounger mrjimphelps's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    2,137
    Thanks
    202
    Thanked 206 Times in 198 Posts
    I think if you're going to do credit card processing, you need to get something better than Microsoft Security Essentials and the Windows Firewall. You might also want to upgrade to a newer version of Windows.

    As you know, there is inbound and outbound traffic on your computer. Threats need to be detected and blocked in both directions, in case something gets past the inbound firewall and then tries to "phone home".

    An explicit "deny all" means that your firewall lets nothing in or out unless it passes whatever security checks it uses. In other words, the default is that the traffic is blocked, and the exception is that it gets through.

    "Unnecessary" means that it is not related to your credit card processing. For example, Youtube would be unnecessary, because it is not related to your credit card processing or to your business. If you block all such sites, no threats can get in from them, but neither can any other traffic from them.

    "Necessary" might include Ebay. However, there may be some spyware lurking on Ebay (I have picked up spyware on Ebay in the past.) Therefore, the firewall would allow ebay traffic, but would check it to make sure it is not a threat.
    Last edited by mrjimphelps; 2013-06-06 at 12:44.

  4. #3
    Super Moderator RetiredGeek's Avatar
    Join Date
    Mar 2004
    Location
    Manning, South Carolina
    Posts
    6,051
    Thanks
    195
    Thanked 757 Times in 693 Posts
    Imjcarls,

    You can test your incoming ports using Gibson Research's Shields Up program. HTH
    May the Forces of good computing be with you!

    RG

    VBA Rules!

    My Systems: Desktop Specs
    Laptop Specs


  5. #4
    Gold Lounger
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    3,498
    Thanks
    7
    Thanked 220 Times in 208 Posts
    The terms refer to an enterprise grade firewall, not a home router. They are effectively asking if you have prevented external access to your network, which all modern home routers do automatically. Note: this does not prevent you getting a virus on your computer that steals all your data, including 3rd party CC data.

    cheers, Paul

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •