Firewall Configuration
Setting up your firewall on any platform is relatively easy, but
it's the functions that a cybersecurity specialist will mostly focus
on. The reason for this is that firewalls are programs that have
many features, and by default, all they do is keep a log of incoming
and outgoing traffic to a server or device.
However, they need to be instructed on what to block and what not to
block as online threats become more advanced. As we enter an era of
using artificial intelligence for decision-making, we can begin to
picture how well a firewall will perform with this type of technology
working alongside modern anti-virus software.
Though this is a huge advantage to security analysts, we still need
to configure our devices in a manner that helps identify threats
before they occur and even after an incident. We need to be able to
identify where a threat comes from, how it happened and what to do
next time.
This basic principle allows security analysts to modify a firewall
to anticipate attacks and prevent them, while also keeping a record
of all incoming and outgoing traffic. I could go on for a long while
explaining all the features, types of firewalls, and configuration
methods, but it is more useful to show some examples of what a
firewall can do and how it can be configured.
/* Example Code */
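# Clear old rules
sudo iptables -F
# Allow local and active connections
sudo iptables -A INPUT -i lo -j ACCEPT
sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Allow SSH (remote access)
sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
# Allow web traffic
sudo iptables -A INPUT -p tcp -m multiport --dports 80,443 -j ACCEPT
# Block everything else by default. Set the policies only after the allow
# rules exist, so an SSH session used to run these commands is not cut off.
sudo iptables -P INPUT DROP
sudo iptables -P FORWARD DROP
sudo iptables -P OUTPUT ACCEPT
# Save the configuration. On Debian/Ubuntu, rules.v4 is loaded at boot by the
# iptables-persistent package. These rules cover IPv4 only; IPv6 traffic is
# filtered separately with ip6tables.
sudo iptables-save | sudo tee /etc/iptables/rules.v4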
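To confirm that a saved ruleset still matches the policy configured above, the following added example (not part of the original article) audits text in the format printed by iptables-save. The names audit_rules and ALLOWED and both sample rulesets are constructed for illustration.

```sh
# Policy from this page: INPUT/FORWARD default DROP; inbound ACCEPT only TCP 22, 80, 443.
# audit_rules, ALLOWED and both sample rulesets are constructed for this example.
ALLOWED="tcp/22 tcp/80 tcp/443"

audit_rules() {  # ruleset on stdin; one finding per line; exit status 1 if any
  awk -v allowed="$ALLOWED" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    /^\*/ { in_filter = ($1 == "*filter"); next }  # nat and mangle have INPUT too
    !in_filter { next }
    /^:(INPUT|FORWARD) / {
      seen++; if ($2 != "DROP") { print substr($1, 2) " policy is " $2 ", expected DROP"; bad++ }
    }
    /^-A INPUT / && / -j ACCEPT/ {
      proto = "any"; ports = ""
      for (i = 1; i < NF; i++) {
        if ($i == "-p") proto = $(i + 1)
        if ($i == "--dport" || $i == "--dports") ports = $(i + 1)
      }
      # A rule with no port match is expected only for loopback and conntrack.
      if (ports == "" && $0 !~ / -i lo / && $0 !~ /--ctstate /) {
        print "ACCEPT on every port: " $0; bad++
      }
      m = split(ports, p, ",")
      for (j = 1; j <= m; j++) {
        key = proto "/" p[j]
        if (!(key in ok)) { print "unexpected ACCEPT: " key; bad++ }
      }
    }
    END {
      if (seen < 2) { print "filter INPUT/FORWARD policy not found"; bad++ }
      exit (bad > 0)
    }'
}

GOOD_RULES='*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 80,443 -j ACCEPT
COMMIT'
BAD_RULES='*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
-A INPUT -p tcp -m multiport --dports 80,443,3306 -j ACCEPT
-A INPUT -p udp -m udp --dport 161 -j ACCEPT
COMMIT'
printf '%s\n' "$BAD_RULES" | audit_rules || echo "ruleset differs from policy"
```

On a live host the same function can read the running ruleset with sudo iptables-save | audit_rules.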
Windows Firewall
1. Open the Firewall
Click the Start Menu, type “Windows Defender Firewall”, and open it.
2. Turn It On
In the left panel, click “Turn Windows Defender Firewall on or off.”
Make sure it’s ON for both Private and Public networks.
3. Block Everything by Default
Go back to the main window and click “Advanced settings.”
In the pop-up, click “Windows Defender Firewall Properties.”
Under each tab (Domain, Private, Public), set Inbound connections to Block and Outbound connections to Allow.
4. Allow Only What You Need
In the left panel, click “Inbound Rules.”
On the right, choose “New Rule.”
Select Port, then Next, choose TCP, and type 80, 443 (for websites).
Click Next → Allow the connection → Finish.
Repeat for port 22 if you use SSH (for remote access).
5. Turn on Logging
Still in “Advanced settings,” click “Monitoring → Firewall”.
Open Properties → Logging tab.
Turn on “Log dropped packets.”
This helps you see what the firewall is blocking.
That’s it — your Windows firewall will now allow only web and SSH
traffic and block everything else.
macOS
1. Open Firewall Settings
Click the Apple menu → System Settings → Network → Firewall.
2. Turn It On
Switch the Firewall toggle to ON.
3. Enable Stealth Mode
Click “Options…” (or “Options & Details”).
Turn on “Stealth Mode.”
(This hides your computer from unknown network requests.)
4. Allow Only Needed Apps
In the same window, review the list of apps.
Remove or deny apps that do not need network access.
Make sure only your web server, browser, or other necessary tools are allowed.
5. Advanced Users (Optional)
If you want more control, you can use pf (Packet Filter), macOS’s advanced firewall — but for most users, the built-in firewall is enough and much safer to manage.
These are some basic configurations, and you may want to consult a cybersecurity professional to help you navigate some of the commands and instructions.