TCP/IP Filtering problems


Mr Heinrichs

Hi

I'm running a webserver and want to block all ports except the needed ones.
I found TCP/IP filtering under Windows 2000.

The problem is that when I block all TCP/UDP traffic except TCP/UDP port 53, he can resolve any domains outside. When I enable all UDP traffic it works fine again.
There is prolly a UDP port that has to be opened to resolve domain names,... but which one is it?

thanks,
 

Steven L Umbach

IP filtering is best used on a dedicated server that is not also used for web
browsing. The problem is that when your computer is accessing an Internet DNS server,
it needs to allow a return port UDP connection that would be dynamically assigned in
the unprivileged above 1024 range. A firewall would be a much better solution - even
a personal one such as Sygate or Kerio. If a firewall is not an option for some
reason, IPsec filtering could be considered, though as a less favorable option.

--- Steve

http://www.webattack.com/Freeware/security/fwfirewall.shtml
http://www.securityfocus.com/infocus/1559
 
