Hello, assuming you are not running a bunch of services on the machine, maybe I'd go with something like
Code:
block all
pass out keep state

The default configuration only blocks stateless traffic. It doesn't "protect" anything.
Configuring PF requires basic knowledge of 1) TCP/IP, 2) your network applications, and 3) PF configuration rules. The PF User's Guide, found with the OpenBSD FAQ at the project website, is required reading.

For a desktop machine the simple ruleset suggested by Denta is a good start. It will keep the bad guys from connecting to your machine.
I would propose two small changes to those rules:
Code:
block log all
pass out
Code:
Code:
The last packet blocked is a NetBIOS broadcast from my wife's Windows machine.

If you are looking for a firewall box rule set you could have a look at http://www.daemonforums.org/showthre...7366#post45234
It is a pf.conf that I use for my OpenBSD firewall box at my home.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
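Added example, not part of the thread: a shell function that summarises what the `block log all` rule in the post above has been dropping, by reading the text that tcpdump prints for the pflog. The sample lines are constructed, and the function names `sample_log` and `pf_block_summary` and the IPv4-only parsing are assumptions of this example.

```sh
#!/bin/sh
# Added example (not from the thread): summarise packets dropped by "block log all".
# On the PF host, feed it the saved log as text:
#   tcpdump -n -e -ttt -r /var/log/pflog | pf_block_summary

# Constructed sample lines, modelled on tcpdump's text output for pflog.
# The "pass" line is included only to show that non-block lines are ignored.
sample_log() {
cat <<'EOF'
Jan 12 20:11:01.445201 rule 0/(match) block in on em0: 192.168.1.20.138 > 192.168.1.255.138: udp 201
Jan 12 20:11:07.102233 rule 0/(match) block in on em0: 192.168.1.20.137 > 192.168.1.255.137: udp 50
Jan 12 20:11:08.610377 rule 0/(match) block in on em0: 192.168.1.20.137 > 192.168.1.255.137: udp 50
Jan 12 20:12:30.000412 rule 0/(match) block in on em0: 203.0.113.9.51022 > 192.168.1.10.22: S 1234:1234(0) win 16384
Jan 12 20:12:31.918554 rule 1/(match) pass out on em0: 192.168.1.10.40112 > 198.51.100.7.443: S 99:99(0) win 16384
EOF
}

# Reads tcpdump text on stdin and prints "count direction iface source dest-port",
# most frequent first. Assumes IPv4 "a.b.c.d.port" addresses; packets without a
# port (e.g. ICMP) are reported with "-" as the port.
pf_block_summary() {
    awk '
    {
        # Find the "rule N/(match) ACTION DIR on IFACE:" group, whatever the timestamp format.
        for (i = 1; i <= NF; i++) if ($i == "rule") break
        if (i > NF || $(i + 2) != "block") next
        dir = $(i + 3)
        iface = $(i + 5); sub(/:$/, "", iface)
        src = $(i + 6)
        dst = $(i + 8); sub(/:$/, "", dst)
        # Five dotted fields means address plus port; drop the ephemeral source port.
        if (split(src, s, /\./) == 5) sub(/\.[0-9]+$/, "", src)
        port = (split(dst, d, /\./) == 5) ? d[5] : "-"
        count[dir " " iface " " src " " port]++
    }
    END { for (k in count) print count[k], k }' | sort -k1,1nr -k2
}

sample_log | pf_block_summary
```

A source that shows up repeatedly against one port, like the NetBIOS broadcasts here, is usually LAN noise rather than a problem with the ruleset.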
OP needs to define "protect". What expectations are you making that we should be aware of when making suggestions? Are you looking for a simple "block traffic not related to outbound connections I initiated" type of scenario (covered by Denta's post above), or a more advanced "allow inbound traffic to certain services/servers/etc... while blocking other traffic not related to outbound connections I initiate", or even more advanced "block all traffic except allowed outbound traffic", or perhaps a combination of these approaches?
__________________
Linux/Network-Security Engineer by Profession. OpenBSD user by choice.
Hi, thank you all for your answers.
I use OpenBSD as a desktop machine: I work on it (libreoffice, gimp, maybe developing in the future), watch videos (minitube, vlc), download (transmission), and play some video games (online/offline). I chose OpenBSD because it is regarded as secure, provided it is well configured, as I now think. I have Windows on another hard disk for the same things (+ more games) but I wanted to have another operating system. Where I work I suffered a virus that encrypted all my files; the admins worked 1 or 2 days to repair it, and I said to myself: what if one day it happens at home? So it is the "block traffic not related to outbound connections I initiated" type of scenario, assuming I can play online. At the moment I have put in pf.conf what Denta and J65nko said, and, as jggimi said, I will read the PF User's Guide while waiting to hear what you think.