Re: Blocking ports

From: x y (jamescagney90210@excite.com)
Date: 07/02/02


From: "x y" <jamescagney90210@excite.com>
Date: Tue, 2 Jul 2002 13:09:15 -0400


I think it's really essential to have logging capabilities whenever you do
port blocking, for troubleshooting issues like this. Windows 2000 IPsec does
not have logging, so I would debate the value of choosing it over some third
party solution.

If you have logging capabilities, checking the log is always the first thing
I would think to do whenever you have a question like this. If you don't
have logging capabilities, install Windows 2000 Network Monitor [under
control panel,add/remove programs, windows components] or ethereal or
windump onto both machines to see what exactly is being sent and received or
not received.

I gave up on doing port filtering betweeen clients and the domain
controllers as it seems that several connections are opened on random ports,
sometimes originating from the domain controller.

"Asanga" <asanga@idnw.com> wrote in message
news:14aed01c221df$846ced70$3bef2ecf@TKMSFTNGXA10...
> I run W2K with AD and I have a member server logging into
> the domain. In the member server I have blocked all
> unnecessary ports accoung to this article -
> http://www.microsoft.com/technet/treeview/default.asp?
> url=/TechNet/prodtechnol/windows2000serv/reskit/tcpip/part4
> /tcpappc.asp
>
> I have opened the domain and kerberos authentication ports
> but still when I log into the domain, it takes very long
> time for me to log into it. It takes about 5 minutes for
> the log in process but it works. Has anyone experience
> this before? and if so what specific ports can I leave
> open?
>
> Thanks
>



Relevant Pages

  • Re: This is real and serious [was Re: New Threat From Hackers]
    ... I wasn't very precise about the ports that need blocking. ... just NetBIOS ports and you don't need to block all NetBIOS ports. ... Kent W. England, Microsoft MVP for Windows ... > Internet users are going to lose control of their computers. ...
    (microsoft.public.security)
  • Re: My another computer is vulnerable!
    ... You didn't mention what version of Windows you're running. ... Also, configure automatic updates in start, settings, control ... Either your security check is wrong, or your firewall isn't protecting you, ... ports that aren't really open. ...
    (microsoft.public.security)
  • Re: "Network" icon
    ... To close a number of ports, GRC suggests to use the Network icon and re-configure bindings to a certain indicted form. ... There seems to be no control of Server Types, no way to uncheck "i want to enable NetBIOS over TCP/IP" on any and all protocol lines, no way to install NetBEUI, and no way to change/set hardware adaptor bindings. ... 1- The information on the GRC page is severely out of date, it was written pre Windows 2000, it makes absolutely no mention at all of any operating systems post 1998. ...
    (microsoft.public.win2000.general)
  • Re: Strange ports open
    ... but both NetBIOS / Windows networking and Exchange open ... I recommend keeping a log of the ports found open ... Administration Tools [Server Manager, User Manager, Event Viewer, Registry ...
    (microsoft.public.security)
  • Re: New/old Trojan?
    ... > looking on google ... anything on Windows systems, ... Sounds like this malware may have rootkit-like ... ports can be useless. ...
    (Incidents)