Re: IP filtering

From: Karl Levinson [x y] mvp (jamescagney90210@excite.com)
Date: 01/30/03

• Next message: Karl Levinson [x y] mvp: "Re: workgroup!"
• Previous message: Karl Levinson [x y] mvp: "Re: script for windows 9x"
• In reply to: Sigitas Skublickas: "IP filtering"
• Next in thread: Sigitas Skublickas: "Re: IP filtering"
• Reply: Sigitas Skublickas: "Re: IP filtering"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: "Karl Levinson [x y] mvp" <jamescagney90210@excite.com>
Date: Thu, 30 Jan 2003 17:08:23 -0500

IP filtering won't prevent the server from listening. It might prevent the
server from responding. I"m also not sure the IP filtering feature will
block outbound connections, so that worms and other remote access trojans
might still be able to remotely control your computer or email out password
files or other data. There's also no logging or alerting or intrusion
detection, so if you're hacked, good luck finding the hacker.

Having said all that, closing a port is not just about filtering, it's also
about finding the service that's listening on a port and disabling that
service. Vision from www.foundstone.com/knowledge or www.google.com both
might help you determine what service to disable, as would posting the port
numbers here.

See here for some other things you might want to do to make sure your
computer is secure:

http://securityadmin.info/faq.htm#harden
http://securityadmin.info/faq.htm#closeport

"Sigitas Skublickas" <sskublickas@acf.hhs.gov> wrote in message
news:OgVzdHKyCHA.2684@TK2MSFTNGP11...
> Can anybody help me with this:
> I set up IP filtering on my NIC enabling only 20, 21, 80 and 3389 ports.
> How can make sure my server acceps calls ONLY on those ports? When
> I type in CMD netstat -a I get a list of at least 30 TCP or UDP ports
> that are in listening mode. Thanks in advance !

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.449 / Virus Database: 251 - Release Date: 1/27/2003

---

• Next message: Karl Levinson [x y] mvp: "Re: workgroup!"
• Previous message: Karl Levinson [x y] mvp: "Re: script for windows 9x"
• In reply to: Sigitas Skublickas: "IP filtering"
• Next in thread: Sigitas Skublickas: "Re: IP filtering"
• Reply: Sigitas Skublickas: "Re: IP filtering"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Inbound email problem ... Could it be that Qwest is blocking port 25 traffic? ... Can you telnet into your exchange server? ... Do you have exchange server antispam or connection filtering enabled? ... (microsoft.public.windows.server.sbs) Re: RealVNC ... Default listening port for RealVNC server that runs on the machine on which ... Then there is default Java listening port on port 5800 on the client machine ... (microsoft.public.windows.server.sbs) Re: RealVNC ... I use VNC behind server ... Default listening port for RealVNC server that runs on the machine ... And then "other"party - not the client can run RealVNC Viewer in ... (microsoft.public.windows.server.sbs) RE: Cannot make either RWW or Remote Desktop Connection to server internally yet 3389 responds ... SBS server from internal and external network. ... Let us refer to the following steps to troubleshoot the issue: ... to listen on port 3389. ... How to change the listening port for Remote Desktop ... (microsoft.public.windows.server.sbs) Re: RealVNC ... I use VNC behind server ... Then there is default Java listening port on port 5800 on the client ... (microsoft.public.windows.server.sbs)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(14)