Re: Open ports ? - Any MS personnel ?

From: Richard Benack [MS] (richbe@online.microsoft.com)
Date: 07/12/02 

From: "Richard Benack [MS]" <richbe@online.microsoft.com>
Date: Thu, 11 Jul 2002 19:27:14 -0700

This may not exactly answer your question but you may want to look at using
a tool such as IISLOCKDOWN
(http://www.microsoft.com/technet/security/tools/tools/locktool.asp) to
turn off unnecessary services (e.g. ports) based on the role the server will
play. This maybe a more efficient way to harden your server.

Hope this helps

Rich

This posting is provided "AS IS" with no warranties, and confers no rights.

"agpiah" <agpiah@yahoo.com> wrote in message
news:155a401c228de$7d2199c0$a4e62ecf@tkmsftngxa06...
> First let me thank all those that replied to my original
> post, I believe that I was not concise enough with my
> question and therefore I am reposting (rather than
> continuing the thread which is a long way down the list by
> now)
>
> My original message was :-
> "Hi
>
> I am attempting to harden an IIS server and the following
> ports still remain open with the following programs
> attached to them. Can anyone please explain :-
>
> What these programs are associated to ?
> Can I close them ?
> What the effect of closing them would be ?
>
> Port 80/TCP Inetinfo.exe (required for HTTP traffic)
> Port 443/TCP Inetinfo.exem (required for HTTPS traffic)
> Port 1026/TCP Inetinfo.exe (????)
> Port 3456/UDP Inetinfo.exe (????)
> Port 1025/TCP msdtc.exe (????)
> Port 3372/TCP msdtc.exe (????)
> Port 135/TCP svchost.exe (????)
> Port 445/TCP ???? (????)
> port 445/UDP ???? (????)"
>
> I understand that I should put behind a firewall but I was
> coming from an educational viewpoint, what programs are
> causing the ports to open and what would the consequence
> be of closing them (and how). Im just the kind of person
> who needs to know why something is happening rather than
> just how to workaround.
>
> For example I understand that port 80 is opened by
> installing the web server and is required for HTTP traffic
> and closing would therefore stop HTTP traffic to my web
> server. The same for port 443 (HTTPS traffic) but can I
> close just this one port if HTTPS is not required (rather
> than filter which requires me to say which ports I need
> open, which I cant answer unless I know what all the ports
> that are currently open are doing?) what program is
> causing port 1025 to open etc...
>
> Sorry for such a long message,
>
> Regards
>
> Agpiah
>

Relevant Pages

  • Re: Do I Need a Proxy Server ?
    ... I also have an IP camera on my home network. ... If you run the camera's web server on port 80 there should be no problems at all. ... Unless your company restricts you to only a number of web sites, then just running on port 80 will work. ...
    (comp.sys.sun.admin)
  • RE: Some technical errors
    ... If the SMTP server is not running on port 25 TCP it is not a public ... Manager - Computer Assurance Services BDO Chartered Accountants & ...
    (Security-Basics)
  • Re: SRV RRs support in Internet Explorer?
    ... The port number could be implicit (i.e. ... At any point in time, a server could fail ... can't effectively LB or backup because NSs cache the records for the TTL ... I still don't see how SRV records would help backup or LB. ...
    (microsoft.public.win2000.dns)
  • RE: Outlook Web Access
    ... Please check if TCP port is opened on that device. ... On an internet client, ... "Web server name" in the "Web Server Certificate' page? ...
    (microsoft.public.windows.server.sbs)
  • Re: Still cant connect to RWW or OWA remotely
    ... I get 'cannot find server or dns error' on both ... TCP [port number]> to open the ports. ... As for error messages when I fail to access RWW with the laptop, ... network, no connection seems possible. ...
    (microsoft.public.windows.server.sbs)