  1. #1
    2 Star Lounger
    Join Date
    Dec 2009
    Thanked 5 Times in 4 Posts

    Network security compliance test / router settings

    I'm trying to get through a compliance test to use credit card processing in a home network environment. The particular system I'm using is an XP SP2 with MS Security Essentials and the Windows Firewall turned on, hardwired to a password-protected wireless router. Here is the question that stumped me:

    "Does your firewall configuration specifically deny all unnecessary inbound and outbound traffic (for example by using an explicit "deny all" or an implicit deny after allow statement)?"

    I cannot translate this question to anything in the router configuration that seems to match or even hint at what "unnecessary" really means in this context. Can anyone help clarify what they are asking for? Thanks!
    Last edited by imjcarls; 2013-06-06 at 11:33.

  2. #2
    WS Lounge VIP mrjimphelps's Avatar
    Join Date
    Dec 2009
    Thanked 453 Times in 422 Posts
    I think if you're going to do credit card processing, you need to get something better than Microsoft Security Essentials and the Windows Firewall. You might also want to upgrade to a newer version of Windows.

    As you know, there is inbound and outbound traffic on your computer. Threats need to be detected and blocked in both directions, in case something gets past the inbound firewall and then tries to "phone home".

    An explicit "deny all" means that your firewall lets nothing in or out unless it passes whatever security checks it uses. In other words, the default is that the traffic is blocked, and the exception is that it gets through.

    "Unnecessary" means that it is not related to your credit card processing. For example, YouTube would be unnecessary, because it is not related to your credit card processing or to your business. If you block all such sites, no threats can get in from them, but neither can any other traffic from them.

    "Necessary" might include eBay. However, there may be some spyware lurking on eBay (I have picked up spyware on eBay in the past.) Therefore, the firewall would allow eBay traffic, but would check it to make sure it is not a threat.
    Last edited by mrjimphelps; 2013-06-06 at 12:44.
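
An added example, not part of any post in this thread: a minimal first-match rule evaluator showing how an explicit "deny all" rule and an implicit deny differ from a default-allow policy, checked separately for inbound and outbound traffic. The rule format, the policy dictionary and the 203.0.113.0/24 processor range are constructed assumptions, not any real router's configuration syntax.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Rule:                      # constructed rule format, not a real router syntax
    action: str                  # "allow" or "deny"
    direction: str               # "in", "out" or "any"
    network: str                 # CIDR the remote address must fall in
    port: Optional[int] = None   # None matches every port

def evaluate(rules, policy, direction, remote, port):
    """First matching rule wins; with no match the per-direction policy decides."""
    for r in rules:
        if (r.direction in (direction, "any")
                and ip_address(remote) in ip_network(r.network)
                and r.port in (None, port)):
            return r.action
    return policy[direction]

def effective_default(rules, policy, direction):
    """What happens to traffic that no specific rule names."""
    for r in rules:
        if r.direction in (direction, "any") and r.network == "0.0.0.0/0" and r.port is None:
            return r.action, "explicit"      # a catch-all rule such as "deny all"
    return policy[direction], "implicit"     # fall-through policy

def audit(rules, policy):
    """List the directions for which the compliance answer would be 'no'."""
    findings = []
    for direction in ("in", "out"):
        action, kind = effective_default(rules, policy, direction)
        if action != "deny":
            findings.append(f"{direction}: unmatched traffic is allowed ({kind} allow)")
    return findings

# Constructed samples. POLICY blocks unsolicited inbound but lets everything out.
POLICY = {"in": "deny", "out": "allow"}
NO_RULES = []
LOCKED = [
    Rule("allow", "out", "203.0.113.0/24", 443),  # hypothetical card processor range
    Rule("deny", "any", "0.0.0.0/0"),             # explicit "deny all" after the allow
]

if __name__ == "__main__":
    print(audit(NO_RULES, POLICY))
    print(audit(LOCKED, POLICY))
    print(evaluate(LOCKED, POLICY, "out", "198.51.100.7", 80))
```
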

  3. #3
    Super Moderator RetiredGeek's Avatar
    Join Date
    Mar 2004
    Manning, South Carolina
    Thanked 1,606 Times in 1,450 Posts

    You can test your incoming ports using Gibson Research's Shields Up program. HTH
    May the Forces of good computing be with you!


    PowerShell & VBA Rule!


  4. #4
    WS Lounge VIP
    Join Date
    Dec 2009
    Thanked 1,117 Times in 1,040 Posts
    The terms refer to an enterprise-grade firewall, not a home router. They are effectively asking if you have prevented external access to your network, which all modern home routers do automatically. Note: this does not prevent you getting a virus on your computer that steals all your data, including 3rd-party CC data.

    cheers, Paul
