Re: IP Sec
From: Herb Martin (news_at_LearnQuick.com)
Date: 09/27/03
- Next message: Hairy One Kenobi: "Re: I blocked ports 135, 137, 445 on my router still I see unfamiliar addreses on my network"
- Previous message: David Cross [MS]: "Re: Configure a CAPolicy.inf file"
- In reply to: Michael Kremser: "IP Sec"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 27 Sep 2003 10:04:09 -0500
> ///
> ipsecpol -dialup -w REG -p "Web" -o
> ipsecpol -dialup -x -w REG -p "Web" -r "BlockAll" -n BLOCK -f 0+*
> ipsecpol -dialup -x -w REG -p "Web" -r "OkHTTP" -n PASS -f 0:80+*::TCP
> \\\
>
> This should secure a server, so that only port 80 is open. Well, that
> works - but it also applies to outgoing connections, which I don't want.
> Could anyone tell me how to modify those lines, so that only incoming
> connections are affected? And could anyone tell me how I can securely
> "delete" that settings with ipsecpol (if I press 'Del' in the IP Sec
> MMC, there keep remnants in the registry).
You will just need to PASS the (more) specific traffic you wish to allow,
e.g.,
outgoing FTP or whatever.
-- Herb Martin
- Next message: Hairy One Kenobi: "Re: I blocked ports 135, 137, 445 on my router still I see unfamiliar addreses on my network"
- Previous message: David Cross [MS]: "Re: Configure a CAPolicy.inf file"
- In reply to: Michael Kremser: "IP Sec"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
