Default port permission settings
The default configuration for High security blocks all inbound and outbound traffic through ports not being used by programs you have given access or server permission except:
- DHCP broadcast/multicast
- Outgoing DHCP (port 67) - on Windows 9x systems
- Outgoing DNS (port 53) - If the computer is configured as an ICS gateway
|
|
|
|
|
Traffic Type
|
Security levels
|
HIGH
|
MED
|
OFF
|
|
DNS outgoing
|
block
|
n/a
|
allow
|
DHCP outgoing
|
block
|
n/a
|
allow
|
broadcast/multicast
|
allow
|
allow
|
allow
|
ICMP
|
incoming (ping echo)
|
block
|
allow
|
allow
|
incoming (other)
|
block
|
allow
|
allow
|
outgoing (ping echo)
|
block
|
allow
|
allow
|
outgoing (other)
|
block
|
allow
|
allow
|
IGMP
|
incoming
|
block
|
allow
|
allow
|
outgoing
|
block
|
allow
|
allow
|
NetBIOS
|
incoming
|
n/a
|
block
|
allow
|
outgoing
|
n/a
|
allow
|
allow
|
UDP (ports not in use by a permitted program)
|
incoming
|
block
|
allow
|
allow
|
outgoing
|
block
|
allow
|
allow
|
TCP (ports not in use by a permitted program)
|
incoming
|
block
|
allow
|
allow
|
outgoing
|
block
|
allow
|
allow
|
Default access permissions for incoming and outgoing traffic types
To change a port’s access permission:
- Select COMPUTER | Advanced Firewall.
- In either the Public Zone or the Trusted Zone area, click Custom.
The Custom Firewall Settings dialog appears.
- Scroll to locate High and Medium security settings.
- To block or to allow a specific port or protocol, click the check box beside it.
|
Important - Be aware that when you select a traffic type in the High security settings list, you are choosing to ALLOW that traffic type to enter your computer under High security, thus decreasing the protection of the High security level. Conversely, when you select a traffic type in the Medium security settings list, you are choosing to BLOCK that traffic type under Medium security, thus increasing the protection of the Med security level.
|
- Click Apply, then click OK.
|
|