Jump to content
Kaspersky Support Forum

Network Monitor - Block everything, except

A-Ferreira

By A-Ferreira
in Kaspersky: Basic, Standard, Plus, Premium

 Share

Recommended Posts

A-Ferreira

A-Ferreira

Posted
Posted

There's no reason to allow any network traffic that is not DNS, DHCP and web-browsig on 80,443.

However, some windows services use 443, but I want all applications blocked, except the browser.

I tried Disable the web-browsing rule and add an application rule (to the browser) to allow outbound traffic, however, this didn't work as it continued block (at the lower OSI level I believe).
What's the easiest way to achieve this whitelist (allow DNS, DHCP and browser (ex: firefox) on 80 and 443), block everything else (even if the OS blows up)
 

Screenshot2024-01-27193434.thumb.png.907d37340f15c916ad6b861e7480bef0.png

A-Ferreira

A-Ferreira

Posted
  • Author
Posted

Thanks for the welcome Guilhermesene,

Win 11 Pro, Kasp Standard

Guilhermesene4096

Guilhermesene4096

Posted
Posted (edited)

@A-Ferreira

Kaspersky version?

Spoiler

wDJ5dBEO24.thumb.png.7a49ec65c90e9f4da5efbdb4873460e5.png

Edited by Guilhermesene4096
A-Ferreira

A-Ferreira

Posted
  • Author
Posted

latest, fully updated

Guilhermesene4096

Guilhermesene4096

Posted
Posted (edited)

@A-Ferreira

The firewall settings that come by default in Kaspersky are recommended by Kaspersky experts for your security.

Even so, you can modify them according to your needs, but you may have some problems, especially in relation to the system's own applications, such as Windows Update, among others.

To block network access for all applications, do the following:

Spoiler

Block network access for all groups → Trusted - Untrusted - High restriction - Low restriction

01.thumb.png.f6a360dfb992c11485a859c223a5f34c.png

02.thumb.png.d16fea73117cc9275aa168815eba854f.png

This will block network access for all applications (including new applications that are installed).

Now, you only allow access to the internet through the browser you use.

03.thumb.png.99f6d19c273b4f1fbddf03196132e2c6.png

Regarding the issue of releasing the firewall only for DNS, DHCP and the browser, this is already done by default (there is no need to release these ports, except for DHCP).

If you look, there are already DNS rules configured in the firewall.

Unless your computer will provide some IP address over the network, there is no need to release any ports over DHCP.

Edited by Guilhermesene4096
  • Like 2
A-Ferreira

A-Ferreira

Posted
  • Author
Posted

I've deleted all packet rules and created my own, but yes, used 3 templates as you noticed.

That was super helpful Guilhermesene!

You have a great day

  • Like 1

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing


×
×
  • Create New...