RE: Detailed Port Filtering

From: Kevin Kaminski (Kevin.Kaminski@telus.com)
Date: 04/05/02


From: "Kevin Kaminski" <Kevin.Kaminski@telus.com>
To: "'Joseph Brown'" <emailjoebrown@yahoo.com>, focus-ms@securityfocus.com
Date: Thu, 4 Apr 2002 15:49:18 -0700

The entire project is too small scale to consider buying a commercial
product when the built-in RRAS port filtering will suffice. If you look at
most port documentation you will notice a lack of detail when it comes to
filtering the protocol. Go to the two links in my message and you will
notice the difference in detail. Or, for a more specific example, Microsoft
documentation regarding SQL Server 2000 states that the SQL Server
connections running over TCP/IP require port 1433 (TCP/UDP? not mentioned).
When performing a connection and using a network sniffer you will find that
traffic occurs on port 1433 TCP but while registering the server through SQL
Enterprise Manager there is traffic on 1434 UDP. Try looking at the issue in
depth and you may have trouble in finding solid technical information to
reference.

-----Original Message-----
From: Joseph Brown [mailto:emailjoebrown@yahoo.com]
Sent: Thursday, April 04, 2002 3:01 PM
To: Kevin Kaminski; focus-ms@securityfocus.com
Subject: Re: Detailed Port Filtering

Not sure I understand. First, why reinvent the wheel?
There are a number of software firewalls that run on
W2K server, from enterprise to host based. Or you
could use the TCP/IP filtering on the Advanced tab of
the TCP/IP Settings dialog box.

If you don't know the port you need, sounds like you need
to first learn what apps you're using.

--- Kevin Kaminski <Kevin.Kaminski@telus.com> wrote:
> I'm looking at building my first IP port firewall for my Windows 2000
> Server. I have looked at IP port references such as
> http://www.iana.org/assignments/port-numbers but it seems that the list is
> not specific as to whether the protocol requires both TCP/UDP connections. I
> have found a list that almost has what I am looking for
> (http://www.chebucto.ns.ca/~rakerman/port-table.html) but it covers a
> limited range of services. I could sit with a sniffer and take the server
> through its paces but I was wondering if someone would know a good resource
> that could help an NT Administrator make sound decisions while building a
> port filter.
>
>
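
Added example (not part of the original thread, and not code from either poster): one way to turn the sniffer approach discussed above into a protocol-specific inbound port list, so that a service like SQL Server shows up as both 1433/tcp and 1434/udp. The record format, addresses and function names are constructed for illustration; it assumes the capture started before the connections did.

```python
"""Derive a protocol-specific inbound allow-list from observed traffic."""
from collections import Counter

SERVER_IP = "192.0.2.10"  # assumption: documentation address standing in for the server

# Constructed sample records, one per packet in capture order:
# proto,src_ip,src_port,dst_ip,dst_port
SAMPLE_CAPTURE = """\
tcp,192.0.2.50,1045,192.0.2.10,1433
tcp,192.0.2.10,1433,192.0.2.50,1045
udp,192.0.2.50,1046,192.0.2.10,1434
udp,192.0.2.10,1434,192.0.2.50,1046
tcp,192.0.2.51,3120,192.0.2.10,1433
tcp,192.0.2.10,1050,192.0.2.53,80
tcp,192.0.2.53,80,192.0.2.10,1050
not,a,record
"""

def parse_records(text):
    """Yield (proto, src_ip, src_port, dst_ip, dst_port); skip malformed lines."""
    for line in text.splitlines():
        parts = [p.strip() for p in line.split(",")]
        if len(parts) != 5 or parts[0].lower() not in ("tcp", "udp"):
            continue
        if not (parts[2].isdigit() and parts[4].isdigit()):
            continue
        yield parts[0].lower(), parts[1], int(parts[2]), parts[3], int(parts[4])

def inbound_services(text, server_ip):
    """Count flows per (proto, port) whose FIRST packet was sent to the server.

    Keying on the first packet of each flow keeps replies to the server's own
    outbound connections (arriving on ephemeral ports) out of the result.
    """
    seen, services = set(), Counter()
    for proto, src, sport, dst, dport in parse_records(text):
        flow = (proto, frozenset([(src, sport), (dst, dport)]))
        if flow in seen:
            continue  # later packet of a flow already classified
        seen.add(flow)
        if dst == server_ip:
            services[(proto, dport)] += 1
    return services

def allow_list(text, server_ip):
    """Return sorted 'port/proto' entries to permit inbound; all else is denied."""
    return sorted(f"{port}/{proto}" for proto, port in inbound_services(text, server_ip))

if __name__ == "__main__":
    print(allow_list(SAMPLE_CAPTURE, SERVER_IP))
```
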



