Re: TCP/IP Filtering in Windows 2000?
From: Alex Homer (alex@stonebroom.com)
Date: 01/26/03
From: "Alex Homer" <alex@stonebroom.com> Date: Sun, 26 Jan 2003 10:02:12 -0000
I already have TCP filtering on, with "Allow only" for TCP ports set and the
ports I need to use open (including 53). Browsing, ping and nslookup work
fine when UDP Ports is set to "Allow all". If I set UDP Ports to "Allow
only", and then add the same ports as TCP, plus all the others that several
people have suggested at various times (69, 139, 520, etc.) then browsing
produces "Not found" and ping produces "Server not found". After several
attempts over a long period, the results are always as above. It can only be
that I need to open another port. But which one?
Does anyone actually have this set up and working? I've tried the
combinations of ports shown on the very few Web sites that list the ports
you need. I suspect there is a bug or other problem in the Windows 2000
implementation, as I have never had a reply from anyone who actually
has a working setup that does allow browsing.
"x y" <levinson_k@excite.com> wrote in message
news:eqyXO8JxCHA.2184@TK2MSFTNGP09...
> Did you also enable TCP 53 as well? [probably a good idea] What happens
> when you try to use NSLOOKUP [example, NSLOOKUP www.yahoo.com ] to see if
> the problem is name resolution or not?
>
> I've heard that both TCP 1433 and 1434 should be blocked in both directions,
> not just for this worm but for others. [Of course, blocking everything
> except that which is needed is even better.]
>
> You might also try IPSec filtering instead of TCP/IP filtering, since this
> can block outbound packets as well as inbound. Better yet, use a real
> firewall [neither of these features is a firewall]. www.sygate.com is free,
> as are others. Firewalls give you logging, which is essential to
> troubleshoot problems like this.
>
> http://securityadmin.info/faq.htm#ipsec
>
> Also, internet is very slow or sometimes does not respond at all due to
> worms using up bandwidth. Any chance that could be your problem?
>
>
> "Alex Homer" <alex@stonebroom.com> wrote in message
> news:#ZOpeuJxCHA.2916@TK2MSFTNGP09...
> > It looks like the suggestion is to block port 1434 to protect against the
> > latest DDoS attack. Anyone succeeded in setting up Windows 2000 TCP/IP
> > Filtering on UDP packets, while still allowing browsing from this machine?
> > Common sense says only port 53 needs to be open, but despite trying loads
> > of other "suggested" ports as well I still can't ping or browse from the
> > machine with UDP filtering enabled.
> >
> >
>
>