Re: Binding Windows Services to Specific Addresses Only
- From: Steve Friedl <steve@xxxxxxxxxxx>
- Date: Mon, 5 May 2008 08:55:35 -0700
On Sun, May 04, 2008 at 01:13:17AM +0200, Christian Koerner wrote:
When it comes to Windows hardening and in specific restricting
Windows' services, the only suggestions that I've found so far are:
*) disable unnecessary services
*) restrict network access through packet filtering
What else can be done and isn't it possible to bind Windows' services
to a specific address/interface, e.g. LAN.
AFAIK, there is no general mechanism to bind services to specific
interfaces or addresses - I know the Services API doesn't have any
such thing. Instead, the application itself must choose to provide a
mechanism for this (which is normally exposed in a GUI or registry entry).
Most don't.
Steve
--
Stephen J Friedl | Security Consultant | UNIX Wizard | +1 714 544-6561
www.unixwiz.net | Tustin, Calif. USA | Microsoft MVP | steve@xxxxxxxxxxx
- Follow-Ups:
- RE: Binding Windows Services to Specific Addresses Only
- From: Wayne S. Anderson
- RE: Binding Windows Services to Specific Addresses Only
- References:
- Binding Windows Services to Specific Addresses Only
- From: Christian Koerner
- Binding Windows Services to Specific Addresses Only
- Prev by Date: Re: Binding Windows Services to Specific Addresses Only
- Next by Date: RE: Binding Windows Services to Specific Addresses Only
- Previous by thread: Re: Binding Windows Services to Specific Addresses Only
- Next by thread: RE: Binding Windows Services to Specific Addresses Only
- Index(es):
Relevant Pages
|
