RE: Basic firewall filtering question
From: Gallina, Michael (gallina_at_ocjs.ohio.gov)
Date: 07/26/04
- Previous message: VHP3: "Re: Which ports to block?"
- Maybe in reply to: Ferino Mardo: "Basic firewall filtering question"
- Next in thread: Ferino Mardo: "RE: Basic firewall filtering question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 26 Jul 2004 14:27:29 -0400 To: <security-basics@securityfocus.com>
If it's a local (Personal) firewall, then you would want to eliminate
brodcasts on those ports.
For example, you could create a deny rule for 192.168.0.255 on ports 137
and 139 (assuming a 192.168.0.x network).
This way, the machine isn't notifying anyone on the network about its
presence.
-Michael
-----Original Message-----
From: Ferino Mardo [mailto:RMardo@ALJOMAIHBEV.com]
Sent: Saturday, July 24, 2004 8:47 AM
To: security-basics@securityfocus.com
Subject: Basic firewall filtering question
If a personal firewall is installed in a PC connected to a Win2K LAN,
netbios is allowed by allowing ports 137 to 139 in both directions. How
does one define a rule such that:
1. active directory authentication/browsing works
While at the same time making the PC invisible to the rest of the LAN
users?
TIA.
------------------------------------------------------------------------
--- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ------------------------------------------------------------------------ ---- --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
- Previous message: VHP3: "Re: Which ports to block?"
- Maybe in reply to: Ferino Mardo: "Basic firewall filtering question"
- Next in thread: Ferino Mardo: "RE: Basic firewall filtering question"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
