locked
Internet security: Blocking outgoing traffic? RRS feed

  • Question

  • (Apologies if this has been addressed before -- I haven't been able to find it if it has been)

    I'm not planning on accessing my WHS from outside of my home LAN, and the idea of processes/services running on it that unnecessarily allow it to connect to the internet (especially those acting as a server ) makes me nervous.

    Is it possible to secure WHS to block outgoing traffic as well as incoming, on a application-by-application or service-by-service basis (similar to the way Zonealarm does)?
    Monday, December 7, 2009 4:12 PM

All replies

  • Just turn off Remote Access in the console. That will cover the usual vulnerabilities. There's no supported way to further block Internet connection from your server, and if you totally blocked it, you would sacrifice functionality, such as automatic installation of security patches.

    If you're familiar with configuring Windows Firewall, you can significantly tighten security overall, but (again) this is unsupported.
    I'm not on the WHS team, I just post a lot. :)
    Monday, December 7, 2009 4:19 PM
    Moderator
  • There's no supported way to further block Internet connection from your server, and if you totally blocked it, you would sacrifice functionality, such as automatic installation of security patches.

    Hi Ken, thanks for the reply.

    OK, do you know of any un supported methods that users have reported getting good results with?  ;-)

    I tend to be pretty hands-on (maybe more so than I should, but alas), and thusly don't use Automatic Update since I like to monitor for negative feedback for a few days before applying new patches.

    So, what's the worst-case scenario if one were to slap on a third-party firewall like Zonealarm?  I did just that when I was first playing with WHS and it seemed to work.  Granted, I didn't spend a lot of time trying to break it, but I didn't see any immediate problems.

    Since I prefer full control over my outgoing traffic, I honestly haven't given Windows Firewall a second look.  But if there's absolutely no alternative that would allow me to do what I want to do, I guess I could give it a shot.  Are there any good tutorials you could point me to for locking it down as much as possible?
    Tuesday, December 8, 2009 4:09 AM