Blocking Port

From: Isabella (isabella_lau_at_hotmail.com)
Date: 04/29/03 

Date: Tue, 29 Apr 2003 18:30:04 +0800

I use "netstat" and see many unknow user connect to my web server( Win2K SP3
IIS5 FP2002 Extension).

netstat shows this:
 Proto Local Address Foreign Address State
 TCP hunter-2698a30f:http 202.188.224.20:40701 TIME_WAIT

How to block unwanted port(without extra $) if I don't have firewall?

How to disconnect these unknown user?

Thanks

Relevant Pages

  • Re: Code Red Doesnt care about TCP sessions?
    ... Code Red Doesn't care about TCP sessions? ... I also neglected to state that I've correlated this activity to firewall ... >> from the Web server before it sent it's ACK and then GET request. ...
    (Incidents)
  • Re: [Full-disclosure] 0trace - traceroute on established connections
    ... variety of different probes using both UDP and TCP layer-4 protocols. ... elicit ICMP "TTL exceeded" from hosts in the path, LFT can send TCP ... a tool to probe firewall ACLs; ...
    (Full-Disclosure)
  • Re: [Full-disclosure] 0trace - traceroute on established connections
    ... For example, rather than only launching UDP probes in an attempt to elicit ICMP "TTL exceeded" from hosts in the path, LFT can send TCP SYN or FIN probes to target arbitrary services. ... a tool to probe firewall ACLs; ...
    (Bugtraq)
  • Re: R2 DFS Replication failing
    ... Disabled the firewall and everything started magically working.. ... BTW: Found out the RPC patch is this one: ... System service name: DfsApplication protocol Protocol Ports ... NetBIOS Session Service TCP 139 ...
    (microsoft.public.windows.server.general)
  • Re: Monitor port Access(File Transfer Activity)
    ... Probably, just capture the activity on the control channel [TCP 21], since ... If your firewall does not permit this capability [and your firewall ...
    (microsoft.public.windowsxp.security_admin)