Re: Closing ports

From: cato (
Date: 10/26/03

Date: Sun, 26 Oct 2003 16:09:32 -0500

Hi Curtis,
In XP pro the TCP/IP filtering panel has "Permit All" or "Permit Only"
possibilities. It means practically zero possibility to close a port from
filter control. Maybe a Microsoft Professional has the full info to list all
permitted ports except the ones to be closed :-) Plus it must have some
automated way to fill in the necessary data.

By and large I found in XP the TCP/IP filtering is only for decoration! Why
to advise a totally unusable service? Is there some hidden trick with which
the lack of direct denomination of the unwanted ports can be worked around?
Until than I stay with closing unnecessary services and time by time
security scan ports.

"Curtis Koenig [MSFT]" <> wrote in message
> I would agree with the statement that ports are used dynamicaly but would
> add that if you want to stop all communication on a port permanently you
> can use the TCP/IP filters that are built in to specify the types of
> traffic you want to allow or not allow.
> --
> Curtis Koenig
> Support Professional
> Microsoft Clustering Technologies Support
> Microsoft Certified Systems Engineer
> Microsoft Certified Systems Engineer - Security
> This posting is provided "AS IS" with no warranties and confers no rights.
> Please reply to the newsgroup so that others may benefit. Thanks!
> --------------------
> >From: "Steven L Umbach" <>
> >Subject: Re: Closing ports
> >Date: Tue, 21 Oct 2003 16:47:30 GMT
> >
> >Ports are opened and closed by the applications/services that use them.
> block
> >access to ports from the internet, use a firewall XP has a very good
> in
> >firewall that you can use called ICF. --- Steve
> >
> >
> >
> >
> >

Relevant Pages

  • RE: TCP/IP Filtering problem on W2KAS
    ... The problem is that if you are listing ports that are 'allowed' and you ... don't list every dynamic port used by a client to access the DNS ... "Using IPSec to Lock Down a Server": ... I find using the IPSec filters MUCH more useful then the TCP/IP Filtering. ...
  • Re: TCP/IP filtering and opening DNS
    ... > I am having some problems with TCP/IP filtering and DNS with my ... > know its something with DNS. ... You also need to open ports above 1024 for outgoing connections. ...
  • Re: TCP/IP Filtering Problem
    ... TCP/IP filtering is stateful for TCP but not for UDP. ... The ports you are ...
  • Re: TCP/IP Filtering works for incomming traffic, but closed my outgoing traffic
    ... eg, you brought up the TCP/IP filtering dialog and did abc, opening xyz ... My problem now is that I cant access the net from that server only ... > to the Enabled ports to be able to access the internet or what should I ...
  • Re: keeping only ports 21 and 80 open
    ... depending on how your configuration is in XPE... ... configuration, under TCP/IP, and setup TCP/IP filtering, to permit all, ... permit only on TCP/UDP, and IP ports. ... The only real ports I see a potentail problem with is 13 this is ...