Thread Info
  • State Suggested Answer
  • +2 person also asked this people also asked this
  • Locked Locked
  • Replies 20 replies
  • Answers 2 answers
  • Subscribers 33 subscribers
  • Views 5441 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

KBA 135412 - access to User/admin Portal - Local service ACL exceptions are not working

lukg

Why the access to user portal or admin portal can't be restricted to selected countries only ? This would reduce the scope for any attacks.



This thread was automatically locked due to age.
Parents
  • 0
    Hello Guys, Sorry if this question is dumb, but what is the point to have a drop rule on the local service ACL exceptions? If we have an « accept » rule which allows only the things we want, the firewall will drop every other requests isn’t it ? Thanks for your answer.
Reply
  • 0
    Hello Guys, Sorry if this question is dumb, but what is the point to have a drop rule on the local service ACL exceptions? If we have an « accept » rule which allows only the things we want, the firewall will drop every other requests isn’t it ? Thanks for your answer.
Children
  • 0 in reply to VikenNajarian

    Sorry for late reply.

    1) logging reasons

    2) last time I checked, traffic coming from a cytrix/RDS server using STATC that's not filtered by that terrible "Detour_Launcher" (like all the Chrome v84 traffic, or system generated, or coming from users that closed their Detour_Launcher processes) is not blocked by "rule 0" (issue present since 2016, on Cyberoam OS with CATC version newer than 2.0.4.3).