Re: Advertising page

From: Steven Umbach (n9zrou_at_nscomcast.com)
Date: 11/18/03

• Next message: quspyder: "recovering deleted items"
• Previous message: Steven Umbach: "Re: Everyone Group"
• In reply to: Lex: "Advertising page"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Tue, 18 Nov 2003 04:50:05 GMT

It sounds like your firewall is misconfigured or you are not using one for that
computer. Go to http://scan.sygatetech.com/ to do a basic vulnerability
assessment for that server and see if you have netbios/smb ports exposed such as
135,137,138,139,445 udp and or tcp which would indicate extreme vulnerability.
If you do not need file and print sharing on that server to share resources to
the lan then disable it in network connections/lan connection properties though
you still need a properly configured firewall. You should block all traffic from
the internet to that server except those ports necessary for you applications
which probably are port 80 tcp for http web [443 tcp also if sinning secure
SSL], port 23 tcp for telnet, and port 25 tcp for mail smtp. Your application
may require more or maybe not. Also try to allow access to those ports from only
a specific internet address or addresses for authorized users. I hope you are
using W2K telent client so that you are using ntlm authentication at least. ---
Steve

"Lex" <anonymous@discussions.microsoft.com> wrote in message
news:08ae01c3ad8b$303d50d0$a301280a@phx.gbl...
> Hi
> I run a Win2000 server with a connection to the internet
> which is shared to the internal network using NAT.
>
> People send advertising pages from the internet which are
> displayed on the screen of the server.
>
> I would like to block them out, But I do need access to my
> network for web server , Email server and telnet to run a
> business program.
>
> Any answers?
>
> Thanks
>
>
>
>

---

• Next message: quspyder: "recovering deleted items"
• Previous message: Steven Umbach: "Re: Everyone Group"
• In reply to: Lex: "Advertising page"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: SBS 2003 Single NIC firewall settings ... Then run the CEICW wizard from the Server management console ... > make a RAS VPN connection or access the company web site (which, ... > Internet and RRAS/VPN. ... > find where I go to open ports. ... (microsoft.public.windows.server.sbs) Re: What should I block out with my new firewall software? ... > block out that I don't use or need, like UDP or TCP. ... TCP/UDP on ports 135-139 and 445 are file sharing for networking. ... No one else, especially not internet IP ... (comp.security.firewalls) Re: Attacker used MDM to gain access to client PCs ... VNC is pretty good (for internal use, dont open a port to the internet to ... If remote can goto server / remote pc and then connect to user pc, ... Visit www.grc.com and chose Shields Up to test which ports are open... ... (microsoft.public.windows.server.sbs) Re: external ports ... SuperGumby [SBS MVP] wrote: ... interface and internet, get multiple IP's on the external side. ... subnet as external and see if the ports are accessible. ... These are enabled on the server. ... (microsoft.public.windows.server.sbs) Re: AD Replication over SonicWall site-to-site VPN ... The MTU can be an Issue: ... Test your MTU from the problem server by pinging the gateway of your router: ... Kerberos authentication service to use TCP instead of UDP. ... there are no explicit prohibitions on any of the ports required. ... (microsoft.public.windows.server.active_directory)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(17)