RE: Binding Windows Services to Specific Addresses Only
- From: "Maxime Ducharme" <mducharme@xxxxxxxxxxxxxxxxxxx>
- Date: Fri, 9 May 2008 10:43:37 -0400
Hello Chris
Look at the services configuration, you often have a "listen on" option
Example : DNS server
By default DNS is listening on all interfaces, you can verify with netstat
Command
netstat -an |find ":53"
UDP 0.0.0.0:53
Go to DNS server's config panel, and set an address to "listen to", let's say
It should be bound to the internal address 192.168.25.16
Netstat will then show
UDP 192.168.25.16:53
Other interfaces (like WAN) shouldn't reply to DNS requests.
Hope that helps
Have a nice day
Maxime Ducharme
-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx] On
behalf of Christian Koerner
Sent: May 3, 2008 19:13
To: focus-ms@xxxxxxxxxxxxxxxxx
Subject: Binding Windows Services to Specific Addresses Only
Hello everybody!
When it comes to Windows hardening and specifically restricting
Windows' services, the only suggestions that I've found so far are:
*) disable unnecessary services
*) restrict network access through packet filtering
What else can be done, and isn't it possible to bind Windows' services
to a specific address/interface, e.g. LAN?
Thanks in advance
Chris
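The netstat check from the reply above, generalized to every listener on the host, as an added example that is not part of the original thread: it parses Windows `netstat -an` output and marks each listening socket as bound to all interfaces, to an approved address, or to an unexpected one. The sample output, the function names and every port other than 53 are constructed for illustration; 192.168.25.16 is the internal address used in the reply.

```python
import ipaddress

# Constructed sample of Windows `netstat -an` output (not captured from a real host).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    192.168.25.16:53       0.0.0.0:0              LISTENING
  TCP    192.168.25.16:49210    192.168.25.40:445      ESTABLISHED
  TCP    [::]:445               [::]:0                 LISTENING
  UDP    0.0.0.0:161            *:*
  UDP    192.168.25.16:53       *:*
  UDP    127.0.0.1:1900         *:*
"""

def parse_listeners(netstat_text):
    """Return (proto, address, port) for each listening TCP and bound UDP socket."""
    listeners = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue  # banner, column header or blank line
        proto, local = fields[0], fields[1]
        if proto == "TCP" and fields[-1] != "LISTENING":
            continue  # established/closing connections are not listeners
        host, _, port = local.rpartition(":")
        host = host.strip("[]").split("%")[0]  # drop IPv6 brackets and zone id
        try:
            addr, port_no = ipaddress.ip_address(host), int(port)
        except ValueError:
            continue  # unparseable row, skip rather than guess
        listeners.append((proto, addr, port_no))
    return listeners

def audit(netstat_text, allowed):
    """Label each listener 'wildcard', 'ok' (loopback or approved) or 'unexpected'."""
    allowed_set = {ipaddress.ip_address(a) for a in allowed}
    report = []
    for proto, addr, port in parse_listeners(netstat_text):
        if addr.is_unspecified:  # 0.0.0.0 or ::, reachable on every interface
            verdict = "wildcard"
        elif addr.is_loopback or addr in allowed_set:
            verdict = "ok"
        else:
            verdict = "unexpected"
        report.append((proto, str(addr), port, verdict))
    return report
```

Rows labelled `wildcard` are the services that still need a "listen on" setting or a packet filter in front of them.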