This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(144, 5%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ED%3C/text%3E%3C/svg%3E)
I have a question how to protect yourself from kali linux and other hacker programs, what ports should be blocked as generally as possible to protect yourself from them because antiviruses and firewalls are not enough, although I note that I have never used kali linux or parrot OS so please understand
I would like to ask how I should secure the network when it comes to network security, I have blocked ports such as TCP and UDP ports 135 ~ 139, 445, 1234, 3389 and 5555. What other ports should be blocked additionally to protect your home network when it comes to wifi I have WPA3 secured
I would like to ask you how to protect your computer, how to protect your BIOS against various attacks, what should be blocked to prevent an attacker from accessing the BIOS, how to protect HDD and SSD disks against the possibility of attacking the disk, I read that there are tools in linux that they can what should be blocked and is this option generally available ?? and how to protect processor and ram
Hi
For protecting against a program that boot and change setting on your hardisk I suggest to use BitLocker to encrypt your local disk, and the remove the possibility to boot from usb device from the device BIOS. (and to password protect the BIOS)
For protecting your network you can use IEEE 802.1X Port-Based Authentication, but it's costly. It a RADIUS method to make the device authenticate to gain netwrk access. If you can't use costly method I would make sure only your devices can get a IP from the DHCP, and disable unused network port from your switch.
For adding a layer of protection against virus and firewall you could setup AppLocker's rules, to prevent unautorized app to run.
"For adding a layer of protection against virus and firewall you could setup AppLocker's rules, to prevent unautorized app to run." - How AppLocker should be configured and how it is done
"For protecting against a program that boot and change setting on your hardisk I suggest to use BitLocker to encrypt your local disk, and the remove the possibility to boot from usb device from the device BIOS. (and to password protect the BIOS)" - I have a version of 10 home bitlocker win, unfortunately there is no other option in it, is there a bitlocker thread ??
"For protecting your network you can use IEEE 802.1X Port-Based Authentication, but it's costly. It a RADIUS method to make the device authenticate to gain netwrk access. If you can't use costly method I would make sure only your devices can get a IP from the DHCP, and disable unused network port from your switch." - How should this be done ??
Hi,
1: for applocker you can see some tutorial there; https://4sysops.com/archives/applocker-tutorial-part-1-planning/.
2: For that be sure you password protect your BIOS and you disable any boot method unless the SSD. With BitLocker on a user wont be able to take the SSD somewhere else to decrypt the data.
3: You need managed switch, and you turn off unused port, so an unknown device can't plug inside your network easilly. To protect the DHCP server, if it's a Windows server please see that guide; https://social.technet.microsoft.com/wiki/contents/articles/25665.how-to-enable-and-configure-dhcp-mac-address-filtering.aspx That way you create policy that only know MAC address get an IP inside your network.
answering the 2nd question the BIOS is password Windows starts in UEFI boot mode when it comes to the BIOS how to protect against attacks on UEFI is it possible at all