Re: W2K TCP/IP Filtering

From: Steven L Umbach (n9rou_at_n0-spam-for-me-comcast.net)
Date: 08/28/04


Date: Sat, 28 Aug 2004 18:08:02 GMT

It should not interfere with internet users accessing your website, but my guess is
that you are trying to access the internet from that computer. I bet if you leave
TCP/IP filtering enabled but select permit all for just UDP it will work. The reason
is that TCP/IP filtering is somewhat stateful for TCP but not UDP, in that for TCP it
knows that a return response was initiated from your computer and allows it in, while
not for UDP, which blocks return UDP packets from the ISP DNS server with the name
resolution request.

--- Steve

"Steve" <anonymous@discussions.microsoft.com> wrote in message
news:1ea401c48d1f$a7ac5c50$a501280a@phx.gbl...
>I have a new w2k web server getting ready to go online,
> and I'm having some problems with the tcp/ip filtering.
> Following the guide at http://www.shebeen.com/w2k/ for
> basic hardening, I've enabled TCP/IP filtering. Problem
> is that it seems to break the connection to our DNS
> servers (internet DNS servers with IPs specified in the
> TCP/IP address properties). When I disable the TCP/IP
> filtering, everything works as it should.
>
> The settings are: TCP Permit only 22,80,443,3389
> UDP permit only: 161,162
> Protocols: 6,8
>
> I know if I was running DNS on this machine, I'd need 53
> open, but I'm not sure why the filtering is blocking name
> resolution when connecting to an outside dns server.
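
The behaviour described in the reply above, as an added example that is not part of the original thread: a simplified Python model (not Microsoft's implementation) of an inbound filter that remembers outbound TCP connections but checks UDP only against the permit list. The class and function names, IP addresses and ephemeral port numbers are constructed for illustration; the permit lists are the ones from the question.

```python
from dataclasses import dataclass, field
from typing import Optional, Set, Tuple

PERMIT_ALL = None                 # models the "Permit All" radio button
DNS_SERVER = "192.0.2.53"         # constructed address (documentation range)
WEB_SERVER = "198.51.100.80"      # constructed address
VISITOR = "203.0.113.7"           # constructed address

@dataclass
class InboundFilter:
    tcp_permit: Optional[Set[int]]
    udp_permit: Optional[Set[int]]
    # (local_port, remote_ip, remote_port) for TCP connections this host opened
    tcp_outbound: Set[Tuple[int, str, int]] = field(default_factory=set)

    def note_outbound_tcp(self, local_port, remote_ip, remote_port):
        self.tcp_outbound.add((local_port, remote_ip, remote_port))

    def allows(self, proto, src_ip, src_port, dst_port):
        """Decide whether an inbound packet reaches the local stack."""
        if proto == "tcp":
            if self.tcp_permit is PERMIT_ALL or dst_port in self.tcp_permit:
                return True
            # "Somewhat stateful": a reply to a connection we initiated is let in.
            return (dst_port, src_ip, src_port) in self.tcp_outbound
        if proto == "udp":
            # No memory of outbound queries: only the destination port counts.
            return self.udp_permit is PERMIT_ALL or dst_port in self.udp_permit
        return False

def simulate(flt):
    """Run the traffic from the thread through the filter."""
    # DNS query left from ephemeral UDP port 1047; the answer returns to 1047.
    dns_reply = flt.allows("udp", DNS_SERVER, 53, 1047)
    # Outbound TCP from ephemeral port 1048 to a remote web server.
    flt.note_outbound_tcp(1048, WEB_SERVER, 80)
    tcp_reply = flt.allows("tcp", WEB_SERVER, 80, 1048)
    visitor_http = flt.allows("tcp", VISITOR, 40000, 80)     # site visitor
    unsolicited = flt.allows("tcp", VISITOR, 40000, 1048)    # not a reply
    return {"dns_reply": dns_reply, "tcp_reply": tcp_reply,
            "visitor_http": visitor_http, "unsolicited_tcp": unsolicited}

def posted_settings():
    return InboundFilter({22, 80, 443, 3389}, {161, 162})

def suggested_settings():
    return InboundFilter({22, 80, 443, 3389}, PERMIT_ALL)

if __name__ == "__main__":
    print("posted   :", simulate(posted_settings()))
    print("suggested:", simulate(suggested_settings()))
```

With the posted settings the DNS answer is dropped because its destination is the ephemeral source port of the query, not 161 or 162; inbound port 53 only matters on a machine that is itself a DNS server.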


