Re: How block socket ports
From: x y (jamescagney90210@excite.com)
Date: 07/15/02
- Next message: Jeff Cochran: "Re: More food for thought"
- Previous message: x y: "Re: HELP! New User, Need to know how to enable security"
- In reply to: news.microsoft.com: "Re: How block socket ports"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "x y" <jamescagney90210@excite.com> Date: Mon, 15 Jul 2002 07:56:17 -0400
I would advise against the IPsec filtering that comes with Windows 2000 as
there is no logging, which is absolutely essential during troubleshooting
and to tell if someone is hacking your machine. The other alternative would
be a third party hardware and/or software firewall. Sygate is a software
firewall that is free for non-commercial use. Hardware firewalls start at
around $70 for a Netgear NAT router.
If you have echo, you have unnecessary insecure services installed,
specifically under control panel, add/remove programs, windows components,
networking you have simple TCP/IP Services installed. If security is
important, you should go through this section and consider removing any
other non-essential items, disabling nonessential services in Computer
Management, follow the securing Windows and IIS checklists at
www.microsoft.com/security including installing IISlockdown with URLScan,
install all microsoft security patches, sign up for the microsoft newsletter
to be informed about new security patches which is also at the above URL,
have an antivirus program like Norton that is set to download updates daily,
etc. Additionally you may want to find other non-microsoft guides to
securing Windows by searching google for something like "harden OR hardening
windows-2000" As you may know, filtering ports is only one part of a
security plan and does not replace securing the system.
"news.microsoft.com" <bommareds@hotmail.com> wrote in message
news:uKbAih8KCHA.1596@tkmsftngp13...
Port filtering is a better option in case you want to restrict access only
on ports basis.
However, in case you want to block access to your application port based on
IP addresses also, I suggest you go ahead and experiment with IPSec
Filtering. Do let me know in case you need any help in configuring the same.
Reddy
"Eric Chamberlain" <telogix@hotmail.com> wrote in message
news:OK6voQ8KCHA.1988@tkmsftngp08...
> Use port filtering under the network connection advanced features.
>
> --
> --
> Eric Chamberlain
> CISSP, CCNA, CCDA, MCSE, CCA
>
>
> "Tarvirdi" <parssystem@kosar.net> wrote in message
> news:uFDmTJwKCHA.1916@tkmsftngp11...
> > I want to write a special socketserver for my purpose on my port (eg
> 4545).
> > for security reasons I want prevent other ports to be activate on my
> server.
> > I can remove iis,exchange and other services but when I noticed to
> standard
> > ports I found many items (echo,..). for security reasons I want to block
> > other ports except myself.
> > how can I do that? all above is for security perpose.
> > any suggestions?
> > Tarvirdi
> > parssystem@kosar.net
> >
> >
> >
> >
>
>
- Next message: Jeff Cochran: "Re: More food for thought"
- Previous message: x y: "Re: HELP! New User, Need to know how to enable security"
- In reply to: news.microsoft.com: "Re: How block socket ports"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
