I want to ban UDP ports greater than 1024 for Uers01(Assumed user):
(ENS prots security settting:LANconnections to Internet, TCP/UDP default :allow)
ENS-policies-User01- default rights:are ignored —Advanced-specify which requests this recipient has rights for:sever port number less than 1024
it can ban TCP ports greater than 1024 for Uers01,but not UDP ports,WHY???
How to ban UDP ports for Assumed user?
Moderator: Qbik Staff
4 posts
• Page 1 of 1
How to ban UDP ports for Assumed user?
by nhpok » May 21 06 8:47 pm
- nhpok
- Posts: 4
- Joined: Dec 24 03 7:50 pm
by genie » May 21 06 11:08 pm
The problem with UDP port processing is that traffic through them is not reported unless the destination port is less than 1024 or connection stays alive for longer than 30 sec - and even if the connection is closed, it can be "re-established" instantly because UDP does not require connection establishment phase.
- genie
- Qbik Staff
- Posts: 1788
- Joined: Sep 30 03 10:29 am
by genie » May 22 06 11:27 am
You cannot in the current version - we can supply you the the driver version which reports all UDP traffic straight away so you can use policies to block it, but since the engine blocks traffic _after_ a UDP packet has been sent, it will block the inbound packet then - so you can block an inbound UDP stream, but not the outbound.
- genie
- Qbik Staff
- Posts: 1788
- Joined: Sep 30 03 10:29 am
4 posts
• Page 1 of 1
Who is online
Users browsing this forum: Bing [Bot] and 2 guests