PaulDotCom mailing list archives

windows firewall for CTF


From: dninja at gmail.com (Robin Wood)
Date: Mon, 7 Dec 2009 15:54:42 +0000

Thanks for the various answers so far.

Looks like I'll go with John's suggestion of IPsec rules as they are
built in by default and available on fresh installs. The Windows
firewall may do what I want but means I have to install service packs
which I don't want to do for some of the labs.

I'll probably write a policy for each lab and then just switch between
them at the right points, should make things fairly easy to
administer. Might even look at trying some Windows scripting so I can
just run a script to switch or to show me the current active policy.

I don't have to have any of this in place till next year but if I get
it sorted out I'll try to remember to report back how it went.

Robin

2009/12/6 Robin Wood <dninja at gmail.com>:
Hi
I'm not a Windows user so the answer to this might be obvious to
others but I'm looking for a firewall that will allow me to easily
block single ports in and outbound without having to mess around with
going through loads of menus or saying which applications are allowed
to talk. I also don't want any Windows smart-arsed stuff going on
where it automatically blocks things like ICMP by default.

I would say I want something like iptables but that implies I want
loads of power which I don't, I just want easy to set up and no
surprises.

The context for this is I teach a hacking course and want to be able
to use the same VM for a number of exercises, for one I'll allow
access to the vulnerable FTP server, for the next I want to close that
port so the attackers have to go in a different way. I also want to be
able to close outbound ports so when they use Metasploit reverse
shells on the default port of 4444 they don't get anything so have to
change port numbers.

What would people recommend?

Robin


