Re: Messenger Service

• Previous message: Steven L Umbach: "Re: Validating Certificates for use in L2TP"
• In reply to: Jason D. Williard: "Re: Messenger Service"
• Next in thread: Doug Sherman [MVP]: "Re: Messenger Service"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 20 May 2003 20:35:48 -0400

Good... I hope the firewall gets configured also to block all ports and
protocols by default [probably also including ICMP] both inbound and
outbound except for those that are specifically needed.

Configuring NAT to only forward certain protocols is OK, but I think you'd
really want to duplicate that in your firewall ACL rules as well. Why rely
on just NAT when you can use firewall ACLs in addition?

"Jason D. Williard" <jasonw@pacifier.com> wrote in message
news:vcla7d1rhqi77a@corp.supernews.com...
> I actually went ahead and setup selective forwarding. I've removed this
> machine from the DMZ.
>
> Jason Williard
> janix.net
>
> "Steven L Umbach" <sumbach@ameritech.net> wrote in message
> news:pZvya.19757$%_3.8596018@newssrv26.news.prodigy.com...
> > Disable the messenger service. Sounds like your firewall might
> have
> > too many holes in it. You should be using a default block all rule and
> then
> > only allow those ports necessary for provided services. File and print
> > sharing should be disabled on the nic also if it is in a dmz - I am
> assuming
> > it is a dedicated web/mail server since it is there. Go to
http://grc.com
> > and run Shields Up and Probe My Ports for a basic firewall check. Also
run
> > Microsoft Baseline Security Analyzer on your server for basic check and
> the
> > IIS lockdown tool if providing Web services. TechNet security site
> provides
> > a lot of info about securing your server. --- Steve
> >
> > http://www.microsoft.com/technet/ Select security from list on left.
> >
> > "Jason D. Williard" <jasonw@pacifier.com> wrote in message
> > news:vckv4fiaoenhb0@corp.supernews.com...
> > > Currently, I have a windows 2000 server behind a firewall but in the
> DMZ.
> > > The server is constantly being hit through the messenger service, so I
> > would
> > > like to block that specific port. Does anyone know what port the
> > Messenger
> > > service runs on?
> > >
> > > Thank You,
> > > Jason Williard
> > > janix.net
> > >
> > >
> >
> >
>
>

• Previous message: Steven L Umbach: "Re: Validating Certificates for use in L2TP"
• In reply to: Jason D. Williard: "Re: Messenger Service"
• Next in thread: Doug Sherman [MVP]: "Re: Messenger Service"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Why open? How do I close? ... Configuring your firewall is a great thing. ... But before the firewall, there is some basis that you apparently know. ... filter ports and close services. ... -- binarym@trait-plat]:/home/binarym$ lsd zsh: correct 'lsd' to 'ls'? ... (comp.os.linux.security) Re: [fw-wiz] stop microsoft p2p ... how can you prevent some protocols ... The tricky bit with trying to interpose a firewall between any pair ... been orders of magnitude more expensive than switch ports. ... (Firewall-Wizards) Re: Help configuring USR9003 for MSN Zone ... the USR9003 in your case needs both the Firewall and Port ... forwarding configured for ports 2300-2400. ... then only the firewall needs configuring. ... > I can access the web and play counterstrike, ... (comp.security.firewalls) Re: VPN Choices ... > Actually, it is a firewall, it can be set to block incoming and /or outgoing ... > ports / protocols in either direction. ... (comp.security.firewalls) Re: Natted IP ... >>local IP and can guess other protocols that might be allowed through the ... >>against a target and required for firewall protocol tunneling exploits. ... >>run only with JS enabled with Java applets disabled. ... tunnel through a firewall using blind protocols such as an exposed UDP ... (alt.computer.security)