How do I Restrict port access to single IP Address


Guest

I want to open, but restrict access to, ports TCP 139 and TCP 445 on a
machine running XP SP2 with Windows Firewall enabled.

Trouble is I want to open and restrict access of these ports to a single IP
address on the network.

Does anyone know how to achieve this using Exceptions in the Windows Firewall?

Is it the correct tool to use?

Thanks
 
Nepatsfan

On the Exceptions page highlight "File and Printer sharing" and
select Edit. In the "Edit a Service" box highlight the port you
wish to restrict and select "Change Scope". In the Change Scope
box select Custom list and enter the IP address.
 
Guest

Thanks Nepatsfan.

This works for TCP 139, I can now only see the computer with the rule in its
firewall from the IP address I specified.

But for TCP 445 I still seem to be able to ping the machine with the rule in
its firewall from any other machine on the network. Is this just the way it
has to be?

I have checked the ICMP settings on the Advanced tab, and only the 'Allow
incoming echo request' option is ticked, but it is greyed out presumably
because of the scope setting against TCP 445 in the exceptions.

Thanks again!
 
Nepatsfan

From what I can gather the "Allow incoming echo requests" is
grayed out by default. The only way I know of to change that is
to disable port 445. Go to the Windows Firewall Exceptions page
and select "File and Printer Sharing". Uncheck port 445. Click OK
twice. That should block any ping requests. You should still be
able to access shared resources from the single IP address
through port 139.

Note: When I tested this there was a slight delay between when I
disabled port 445 and incoming ping requests were blocked. It
wasn't until the second ping attempt that the message "Request
timed out" was returned. Further attempts were blocked.

Keep in mind that Windows Firewall has limitations. It's fine for
most home users but it lacks a lot of features, the least of
which is the ability to filter outgoing traffic. If you're
concerned about security, I'd suggest using a third party
firewall (e.g. Zone Alarm, Sygate, McAfee Personal Firewall) or a
router that's capable of filtering port traffic.
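
The scope restriction discussed in this thread can also be applied from the command line with the `netsh firewall` context that ships with XP SP2. This is an added example, not part of the original posts; the script name and the sample address are assumptions. Unlike the per-port "Change Scope" dialog, `type=FILEANDPRINT` applies one scope to the whole File and Printer Sharing group (TCP 139, TCP 445, UDP 137, UDP 138).

```bat
@echo off
rem Added example, not from the thread. Run from an administrator command
rem prompt on XP SP2 with Windows Firewall enabled.
rem Usage (constructed sample address): scope-fps.cmd 192.168.1.10
setlocal
set ALLOWED_IP=%~1
if "%ALLOWED_IP%"=="" (
    echo Usage: %~nx0 allowed-ip-address
    exit /b 1
)

rem Limit the built-in File and Printer Sharing exception to one address.
rem scope=CUSTOM with addresses= is the command-line form of
rem "Change Scope" / "Custom list" in the Exceptions dialog.
netsh firewall set service type=FILEANDPRINT mode=ENABLE scope=CUSTOM addresses=%ALLOWED_IP% profile=ALL

rem Confirm the scope that is now in force for each port in the group.
netsh firewall show service verbose=ENABLE

rem Show the ICMP settings, so the state of "Allow incoming echo request"
rem (type 8) can be checked while the TCP 445 exception is enabled.
netsh firewall show icmpsetting
endlocal
```

After running it, test from both the allowed address and one other machine on the network to confirm that only the former can reach the shares.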
 
Jeff

I have XP Home but have turned off XP's firewall because I use ZoneAlarm
instead.

How can I do that in ZA? Do I need to do this in ZA?

Thanks.
 
Nepatsfan

I don't use Zone Alarm, so I'm unable to give you a direct
answer. What I would suggest is that you start a new thread with
all the details concerning what you're trying to accomplish.

You might also consider posting your question to the forum that
Zone Labs has set up:

http://forum.zonelabs.org/zonelabs
 