How to block addresses on interfaces in Kerio?
There was a question in a neighboring topic regarding blocking RFC addresses. I want to understand how I can do the same for myself in order to protect myself from such a situation in the future.
There is a pure Kerio raised from scratch. I created a test rule - highlighted at the top.
Do I understand correctly that in order for someone's local network not to break into me, I just need to put "Prohibition" instead of allow, and then everything that comes from the first subnet will be discarded?
Doesn't this mean that my addresses will be discarded as well? How will the interface understand whether this address is local or not? It receives incoming packets, and it doesn't matter to it whether the request came from the local network or not. How will it understand that my request from the first subnet should not be blocked, but someone else's should?
If you look at the screenshots, the rule that I made falls under the second rule that was created by default. Addresses from the first subnet fall under the definition of Trusted / Local, and if I do this, then I simply will not have the Internet, because exit from this subnet will be prohibited.
Question: How to configure RFC1819 blocking on Kerio?
Kerio has a WAN interface and a LAN interface. You need to block incoming connections on the WAN.
Local hosts come in through your LAN port.
Start by defining a group of addresses to block. Write there all subnets from RFC, except, perhaps, multicast.
Then create, as the first rule, one that matches incoming WAN interface packets whose addresses belong to this group, with action=drop.
It looks like some kind of paranoia. I read the question about the local area network on the Internet.
What do you care what happens outside? For you, everything outside is the Internet. Any connections FROM the Internet should be treated as dangerous. Out of the box, Kerio allows VPN and the web interface.
As for your OUTGOING connections: well, you get into someone else's network. What is the danger?
Well, if you really want to, the rule is not configured correctly.
1. Source: all local IP addresses except those used; recipient: Internet interface; prohibition.
2. You don't need to be afraid of incoming ones. They are disabled by default.
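A simplified first-match model of the rules described in the answers above, added here as an illustration (it is not Kerio's own code or configuration and not from any poster). The interface names, the 192.168.1.0/24 LAN subnet and the sample packets are assumptions; the point it shows is that the rule keys on the interface a packet arrives on, so the same private source address is dropped on the WAN and allowed from the LAN.

```python
import ipaddress
from dataclasses import dataclass

# RFC 1918 private ranges: the address group the answer says to define.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Assumption: the only local subnet actually in use behind the firewall.
LAN_IN_USE = ipaddress.ip_network("192.168.1.0/24")

@dataclass
class Packet:
    in_iface: str   # interface the packet arrived on: "WAN" or "LAN"
    out_iface: str  # where it is headed: "WAN", "LAN" or "FW" (the firewall)
    src: str        # source IP address

def is_private(src):
    return any(ipaddress.ip_address(src) in net for net in RFC1918)

def is_unused_local(src):
    # "All local IP addresses except those used"
    return is_private(src) and ipaddress.ip_address(src) not in LAN_IN_USE

# Ordered rules, first match wins: (name, in_iface, out_iface, source test, action).
# out_iface None means "any destination".
RULES = [
    ("drop-private-src-on-wan", "WAN", None, is_private, "drop"),
    ("drop-unused-local-to-wan", "LAN", "WAN", is_unused_local, "drop"),
    ("lan-to-internet", "LAN", "WAN", lambda src: True, "allow"),
]

def evaluate(pkt):
    """Return (rule name, action) for the first rule that matches pkt."""
    for name, in_if, out_if, src_test, action in RULES:
        if pkt.in_iface != in_if:
            continue
        if out_if is not None and pkt.out_iface != out_if:
            continue
        if src_test(pkt.src):
            return name, action
    return "default", "drop"  # unsolicited inbound is dropped by default

if __name__ == "__main__":
    # Constructed sample packets.
    for p in (Packet("WAN", "FW", "192.168.1.50"),
              Packet("LAN", "WAN", "192.168.1.50"),
              Packet("LAN", "WAN", "10.9.9.9"),
              Packet("WAN", "FW", "8.8.8.8")):
        print(p, "->", evaluate(p))
```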