Re: Easy way to block specific ports Windows 2000 Server



First off some info about VNC:

http://en.wikipedia.org/wiki/VNC <-- Read this first

www.realvnc.com/
www.tightvnc.com/
ultravnc.sourceforge.net/

From what I understand you want to run the following services:

ftp
RDP (3389)
web (80, 8080, 443)
PC Anywhere (5631)

I would recommend the following firewalls:

http://www.agnitum.com/products/outpost/
http://www.tinysoftware.com/home/tiny2?s=2583689172949401699A0&&pg=content05&an=tf6_home
www.looknstop.com/

Some notes:

I think you could use win2k firewall to block all ports except the ones
that you want open, I think this largely depends on whether or not you
have the latest SP installed. (I'm by far no MS expert)

Otherwise you have the option of using software firewalls (listed
above). They are all easy to configure and are well documented.
Of course you can also use hardware/appliance firewalls.

One thing I have noticed though:

Why are you using remote desktop & Pc Anywhere? Just choose one
solution and use it.
Using both is surely not wise, from a security point of view. (As they
both accomplish the same task)

Hope this sheds some light on your situation.


Zoom wrote:
Hi,

We recently had our Windows 2000 Server hacked via VNC. I was wondering if
any experts could provide advice on the following. Forgive my naive
understanding of this process.

(1) How does one get access via VNC? Does one need to have a VNC Server on
the server end or does Windows 2000 have an inherent VNC built in?

(2) We were thinking of blocking all ports except 80,8080,443, 3389 (for
remote desktop), 5631 (For PcAnywhere), 21 and 25. Is this a reasonable
approach? I saw a few articles on using IPsec to do this but I can't find
any straightforward instructions how to block specific ports. Can anyone
provide any instructions / links to articles that show how to do this?

Thanks for any help anyone can provide,

Zoom
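
An added example, not part of either post: before writing block rules for the allow-list in question (2), it helps to see what the server is actually listening on. The Python sketch below parses `netstat -an` output and reports listeners outside that allow-list (such as VNC on 5900) and allow-listed ports with nothing behind them. The sample netstat text and all function names are constructed for illustration.

```python
import re

# Allow-list from question (2): FTP, SMTP, web, RDP, pcAnywhere.
ALLOWED_TCP = {21, 25, 80, 443, 8080, 3389, 5631}

# Constructed sample of Windows `netstat -an` output (not real data).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:21             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING
  TCP    0.0.0.0:5800           0.0.0.0:0              LISTENING
  TCP    0.0.0.0:5900           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1031         0.0.0.0:0              LISTENING
  TCP    192.0.2.10:3389        198.51.100.7:4312      ESTABLISHED
  UDP    0.0.0.0:445            *:*
"""

LISTEN_RE = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+\S+\s+LISTENING\s*$")

def listening_tcp(netstat_text):
    """Return sorted (address, port) pairs for TCP sockets in LISTENING state."""
    found = set()
    for line in netstat_text.splitlines():
        m = LISTEN_RE.match(line)
        if m:
            found.add((m.group(1), int(m.group(2))))
    return sorted(found, key=lambda p: (p[1], p[0]))

def unexpected_listeners(netstat_text, allowed=ALLOWED_TCP):
    """Ports with a non-loopback listener that are not on the allow-list."""
    ports = {port for addr, port in listening_tcp(netstat_text)
             if not addr.startswith("127.") and port not in allowed}
    return sorted(ports)

def missing_services(netstat_text, allowed=ALLOWED_TCP):
    """Allow-listed ports with no listener: candidates to drop from the rules."""
    listening = {port for _, port in listening_tcp(netstat_text)}
    return sorted(allowed - listening)

if __name__ == "__main__":
    print("not on allow-list:", unexpected_listeners(SAMPLE_NETSTAT))
    print("allowed but unused:", missing_services(SAMPLE_NETSTAT))
```

In the constructed sample, 5900 and 5800 are the default VNC display and VNC HTTP viewer ports; a listener on either means a VNC server is installed and running, which should be removed or stopped in addition to being filtered.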
