Question

• How could blocking all ICMP traffic protect you?
• Could you still access some websites with your Port 80 rule enabled? Why?
• Why would you want to allow incoming (not outgoing) Port 443, but block incoming Port 80?
• Could malware rename itself in order to get through a firewall? Why would this work?

Answer 1

Hi Please find the answer of below question-

Q1-How could blocking all ICMP traffic protect???

Answer-There two firewall rules below-

1-Select window and Click Start->Control Panel->System and Security-> and Windows Firewall.
Click Advanced settings->click Outbound Rule-> New Rule (right-hand pane)->Click Custom->Next-> and Next
Change the dropdown box to ICMPv4->click Next-> Next-> Next-> Next.
Click Finish.
Return to your command prompt.
Type ping www.google.com
This rule will block all ICMP traffic, it will effectively prevent you from using the ping command to send ICMP packets to other computers.
You can use a command prompt to verify the rule was effective or not.

2-Select window and Click Start->Control Panel->System and Security-> and Windows Firewall.

Click Advanced settings->click Outbound Rule-> New Rule (right-hand pane)->Click Port->Next-> type “80” into the text box for Specific remote ports

Browse to any non-secure (not HTTPS) only http websites and,Return to the Windows Advanced Firewall window,Select both of the rules you created.
Right-click the selected rules->Click Disable Rule. (If you don’t disable the rules, your ICMP and Web traffic will still be blocked.)

Q2-Could one still access some websites with Port 80 rule enabled??

Answer-In some websites Port 80 is associated with Web traffic (HTTP) and Once you created and enabled the rule,
all outgoing Port 80 traffic will be blocked then You will use a Web browser to verify the rule was effective,

Q3-Why would you want to allow incoming (not outgoing) Port 443, but block incoming Port 80?

Answer-Because port 80 is the port that server "listens to" or expects to receive from a Web client and assuming that the default was taken when the server was configured or set up,
A port can be specified only in the range from 0-65536 on the NCSA server, In some websites Port 80 is associated with Web traffic (HTTP) and Once you created and enabled the rule,
all outgoing Port 80 traffic will be blocked then You will use a Web browser to verify the rule was effective but secure Web traffic (HTTPS) running over Port 443 will still be accessible.

Q4-Could malware rename itself in order to get through a firewall? Why would this work?

Yes, malware can rename but its not mean it will require to make it though the firewall, It depends on the type of firewall, and the specific functionality of that firewall,and the firewall a malware can be rename itself, But it is not concluded that it is essential to make it only through the firewall,A firewall only protects unauthorized access through a network while allowing authorized access ,and if you visit a page encrypted with a virus or other malware, malware incidents is caused by outsiders,