RE: Detailed Port Filtering

From: Kevin Kaminski (Kevin.Kaminski@telus.com)
Date: 04/05/02


From: "Kevin Kaminski" <Kevin.Kaminski@telus.com>
To: "'Joseph Brown'" <emailjoebrown@yahoo.com>, focus-ms@securityfocus.com
Date: Thu, 4 Apr 2002 15:49:18 -0700

The entire project is too small scale to consider buying a commercial
product when the built-in RRAS port filtering will suffice. If you look at
most port documentation you will notice a lack of detail when it comes to
filtering the protocol. Go to the two links in my message and you will
notice the difference in detail. Or, for a more specific example, Microsoft
documentation regarding SQL Server 2000 states that the SQL Server
connections running over TCP/IP require port 1433 (TCP/UDP? not mentioned).
When performing a connection and using a network sniffer you will find that
traffic occurs on port 1433 TCP but while registering the server through SQL
Enterprise Manager there is traffic on 1434 UDP. Try looking at the issue in
depth and you may have trouble in finding solid technical information to
reference.

-----Original Message-----
From: Joseph Brown [mailto:emailjoebrown@yahoo.com]
Sent: Thursday, April 04, 2002 3:01 PM
To: Kevin Kaminski; focus-ms@securityfocus.com
Subject: Re: Detailed Port Filtering

Not sure I understand. First, why reinvent the wheel?
There are a number of software firewalls that run on
W2K server, from enterprise to host based. Or you
could use the TCP/IP filtering on the Advanced tab of
the TCP/IP Settings dialog box.

If you don't know the port you need, sounds like you need
to first learn what apps you're using.

--- Kevin Kaminski <Kevin.Kaminski@telus.com> wrote:
> I'm looking at building my first IP port firewall
> for my Windows 2000
> Server. I have looked at IP port references such as
> http://www.iana.org/assignments/port-numbers but it
> seems that the list is
> not specific as to whether the protocol requires
> both TCP/UDP connections. I
> have found a list that almost has what I am looking
> for
> (http://www.chebucto.ns.ca/~rakerman/port-table.html)
> but it covers a
> limited range of services. I could sit with a
> sniffer and take the server
> through its paces but I was wondering if someone
> would know a good resource
> that could help an NT Administrator make sound
> decisions while building a
> port filter.
>
>
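
An added example, not part of the original thread: one way to get the per-protocol detail the port references leave out is to read it off the server itself. This Python sketch takes `netstat -an` output and lists each network-reachable port as TCP, UDP or both; the sample output and the function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in the format printed by `netstat -an` on Windows.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:1433           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1031         0.0.0.0:0              LISTENING
  TCP    10.0.0.5:1433          10.0.0.20:3412         ESTABLISHED
  UDP    0.0.0.0:135            *:*
  UDP    0.0.0.0:1434           *:*
"""

# Proto, local address, local port, foreign address, optional TCP state.
LINE = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+\S+(?:\s+(\S+))?\s*$")


def exposed_ports(netstat_text):
    """Map port -> set of protocols that have a non-loopback listener."""
    ports = defaultdict(set)
    for line in netstat_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # banner, column header or blank line
        proto, addr, port, state = m.groups()
        if addr.startswith("127."):
            continue  # loopback-only sockets are not reachable from the network
        # TCP rows carry a state; only LISTENING sockets accept new inbound
        # connections. UDP has no state column, so every bound socket counts.
        if proto == "TCP" and state != "LISTENING":
            continue
        ports[int(port)].add(proto)
    return dict(ports)


def filter_table(ports):
    """Sorted (port, protocols) rows, e.g. (135, 'TCP/UDP')."""
    return [(p, "/".join(sorted(ports[p]))) for p in sorted(ports)]


if __name__ == "__main__":
    for port, protos in filter_table(exposed_ports(SAMPLE_NETSTAT)):
        print(f"{port:>5}  {protos}")
```

This only shows sockets bound at the moment of capture, so a service that opens ports on demand still needs the sniffer pass described in the thread.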
