windows firewall for CTF

[mailinglistmatt at gmail.com (Matt Erasmus)]

I'm going to side with Carlos on this one.. While the Windows firewall
may not do everything or be very good at what it does do, it may offer
just enough to be useful in your situation.

It has the advantage of being already built in and the netsh
configuration is very handy.

</0.02c>

> On Sun, Dec 6, 2009 at 8:59 AM, Robin Wood <dninja at gmail.com> wrote:
> > Hi
> > I'm not a windows user so the answer to this might be obvious to
> > others but I'm looking for a firewall that will allow me to easily
> > block single ports in and outbound without having to mess around with
> > going through loads of menus or saying which applications are allowed
> > to talk. I also don't want any windows smart-arsed stuff going on
> > where it automatically blocks things like ICMP by default.
> >
> > I would say I want something like iptables but that implies I want
> > loads of power which I don't, I just want easy to setup and no
> > surprises.
> >
> > The context for this is I teach a hacking course and want to be able
> > to use the same VM for a number of exercises, for one I'll allow
> > access to the vulnerable ftp server, for the next I want to close that
> > port so the attackers have to go in a different way. I also want to be
> > able to close outbound ports so when they use Metasploit reverse
> > shells on the default port of 4444 they don't get anything so have to
> > change port numbers.
> >
> > What would people recommend?
> >
> > Robin
> > _______________________________________________
> > Pauldotcom mailing list
> > Pauldotcom at mail.pauldotcom.com
> > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> > Main Web Site: http://pauldotcom.com
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom at mail.pauldotcom.com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com