Re: TCP/IP Filtering and RAID

From: Karl Levinson [x y] mvp (jamescagney90210@excite.com)
Date: 01/30/03

• Next message: Hiro Daryanani: "Re: CISSP Cert"
• Previous message: Security Alert: "SSRT3467 Sec. Vulnerability in Java"
• In reply to: Randy Stimpson: "TCP/IP Filtering and RAID"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Karl Levinson [x y] mvp" <jamescagney90210@excite.com>
Date: Thu, 30 Jan 2003 09:00:03 -0500

Searching www.google.com or www.google.com/advanced_group_search might be
helpful.

Or even better, you could use a free software firewall or sniffer
temporarily to see what is being sent. I think a software firewall is a
little better since a sniffer won't easily show you packets blocked vs.
packets permitted. www.sygate.com can let you set up packet rules just like
you did with IPSec to see what packets are being denied.

A lot of people have problems with IP Filtering, because there's no logging
or alerting or intrusion detection, which is why I think third party
software or a real firewall is usually preferable.

http://securityadmin.info/faq.htm#sniffer
http://securityadmin.info/faq.htm#firewall

"Randy Stimpson" <Randy.Stimpson@prtracker.com> wrote in message
news:aOZZ9.1899$cu4.155@nwrddc02.gnilink.net...
> I have a 2650 Dell Server configure with RAID level 1. I am setting this
> server as a standalone dedicated business web server. In order to secure
the
> server, I am enabling IP Filtering to only allow the ports I want.
However,
> after I select the ports I want to allow, I get an error message when I
> reboot telling me "At least one service or driver failed during system
> setup. Use Event Viewer to examine the event log for details."
>
> The event log records the error "Unable to register COM class object" and
> provides the information item saying the "RSM was stopped". The source for
> both the error and the information item is Removeable "Storage Service".
>
> The ports I opened are 21, 25, 80, 110, 443, 445, 3389 and 32001.
>
> Does anyone know why I am getting this message when I implement TCP/IP
> filtering or what additional port(s) I need to open?
>
> --
> Randy Stimpson
> Bug tracking doesn't have to be complicated
> http://www.prtracker.com/info.html
> http://www.prtracker.com/download.html
>
>

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.449 / Virus Database: 251 - Release Date: 1/27/2003

• Next message: Hiro Daryanani: "Re: CISSP Cert"
• Previous message: Security Alert: "SSRT3467 Sec. Vulnerability in Java"
• In reply to: Randy Stimpson: "TCP/IP Filtering and RAID"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: TCP/IP Filtering and RAID ... you could use a free software firewall or sniffer ... little better since a sniffer won't easily show you packets blocked vs. ... > I have a 2650 Dell Server configure with RAID level 1. ... (microsoft.public.win2000.security) Catalyst 4000 ... Packets captured are unicast-mac and are not destined for the ... Sniffer is on a different port than the workstation and servers. ... workstation --> DNS server ... (Bugtraq) Re: NT 4 server firewall? ... But the firewall doesn't protect you from this. ... >> available for securing said server. ... A software firewall on a SQL server would NOT in any ... (comp.security.firewalls) RE: Best software based firewall for Windows 2003 IIS ? ... I currently have one box with one static for IIS, RDP and FTP. ... > straightforward Zone-Alarm type software firewall for Windows 2003 Server. ... (microsoft.public.inetserver.iis) RE: Best software based firewall for Windows 2003 IIS ? ... > straightforward Zone-Alarm type software firewall for Windows 2003 Server. ... > port 80 IIS) ... (microsoft.public.inetserver.iis)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint