Re: IP Filter Order

anonymous_at_discussions.microsoft.com
Date: 03/24/04 

Date: Tue, 23 Mar 2004 23:18:53 -0800

>-----Original Message-----
>Depends on the manufacturers specs. Most usually, the
list is a top down
>design. which means that you generally have all your
permits at the top and
>an explicit deny all at the bottom.

It is Windows 2000 IPSEc Filters. They have no way to
customize order ;(
>
>A good way to see if this is working, is to try and
telnet to that port.
>
> Telnet %ComputerName% 80
Yes, and nMap scanner as well. But where is warranty that
another time rules order will be the same?

>
>--
>--
>Dusty Harper
>Microsoft Corporation
>---------------------------------------------------------
-------------------
>This posting is provided "AS IS", with NO warranties and
confers NO rights
>---------------------------------------------------------
-------------------
>
>"Somo" <hicode@inbox.lv> wrote in message
>news:f0c101c410e0$463d2eb0$a601280a@phx.gbl...
>> For example I have IP Filters:
>>
>> SOURCE -direction- DESTINATION Protocol Action
>> Any <-> MyIPAddress Any Block
>> Any:80 <-> MyIPAddress:Any TCP Permit
>> Any:Any <-> MyIPAddress:1 TCP Block
>>
>> Is it possible to scan MyIPAddress:1 from source port
80?
>>
>> Scan packets will be:
>> Any:80 -> MyIPAddress:1 TCP
>>
>> so, in what order IP Filters would be applied?
>>
>
>
>.
>