C
chick7t7
I am in desperate need of how to close unused ports.
Does anyone know how? Please .....
Does anyone know how? Please .....
M
Mike P
www.grc.org has a few tools to close some unused ports
I don't know if this will answer your ? but it's worth a
look
I don't know if this will answer your ? but it's worth a
look
S
Sunshine
Kerio personal firewall
S
Steven L Umbach
Ports are opened and closed by the applications/services that use them. To block
access to ports from the internet, use a firewall XP has a very good built in
firewall that you can use called ICF. --- Steve
http://www.microsoft.com/windowsxp/home/using/howto/homenet/icf.asp
http://www.microsoft.com/security/protect/
access to ports from the internet, use a firewall XP has a very good built in
firewall that you can use called ICF. --- Steve
http://www.microsoft.com/windowsxp/home/using/howto/homenet/icf.asp
http://www.microsoft.com/security/protect/
C
Curtis Koenig [MSFT]
I would agree with the statement that ports are used dynamicaly but would
add that if you want to stop all communication on a port permanently you
can use the TCP/IP filters that are built in to specify the types of
traffic you want to allow or not allow.
--
Curtis Koenig
Support Professional
Microsoft Clustering Technologies Support
Microsoft Certified Systems Engineer
Microsoft Certified Systems Engineer - Security
This posting is provided "AS IS" with no warranties and confers no rights.
Please reply to the newsgroup so that others may benefit. Thanks!
--------------------
add that if you want to stop all communication on a port permanently you
can use the TCP/IP filters that are built in to specify the types of
traffic you want to allow or not allow.
--
Curtis Koenig
Support Professional
Microsoft Clustering Technologies Support
Microsoft Certified Systems Engineer
Microsoft Certified Systems Engineer - Security
This posting is provided "AS IS" with no warranties and confers no rights.
Please reply to the newsgroup so that others may benefit. Thanks!
--------------------
S
Steven L Umbach
I am not sure what kind of ip filters you are talking about. If you are
talking about ip filtering that is configured in tcp/ip properties, they do
not permanantly close ports for access in both directions. If you are
talking about ipsec filtering, yes policies can be configured to block
access to ports assuming the policies are correctly configured and that the
ipsec service is running and the policy has not become corrupted. Users also
need to be aware of default vulnerabilities in ipsec policies. To
permanently disable a port, I prefer to disable the associated service [such
as file and print sharing] which can be done in most cases fairly easily
with the possible exception of rpc. --- Steve
talking about ip filtering that is configured in tcp/ip properties, they do
not permanantly close ports for access in both directions. If you are
talking about ipsec filtering, yes policies can be configured to block
access to ports assuming the policies are correctly configured and that the
ipsec service is running and the policy has not become corrupted. Users also
need to be aware of default vulnerabilities in ipsec policies. To
permanently disable a port, I prefer to disable the associated service [such
as file and print sharing] which can be done in most cases fairly easily
with the possible exception of rpc. --- Steve
C
cato
Hi Curtis,
In XP pro the TCP/IP filtering panel has "Permit All" or "Permit Only"
possibilities. It means practically zero possibility to close a port from
filter control. Maybe a Microsoft Professional has the full info to list all
permitted ports except the ones to be closed
Plus it must have some
automated way to fill in the necessary data.
By and large I found in XP the TCP/IP filtering is only for decoration! Why
to advise a totally unusable service? Is there some hidden trick with which
the lack of direct denomination of the unwanted ports can be worked around?
Until than I stay with closing unnecessary services and time by time
security scan ports.
Thanks,
Mike
In XP pro the TCP/IP filtering panel has "Permit All" or "Permit Only"
possibilities. It means practically zero possibility to close a port from
filter control. Maybe a Microsoft Professional has the full info to list all
permitted ports except the ones to be closed
Plus it must have someautomated way to fill in the necessary data.
By and large I found in XP the TCP/IP filtering is only for decoration! Why
to advise a totally unusable service? Is there some hidden trick with which
the lack of direct denomination of the unwanted ports can be worked around?
Until than I stay with closing unnecessary services and time by time
security scan ports.
Thanks,
Mike