 cisaacs
join:2002-01-19 Lady Lake, FL | Simple Way To Close Ports
Looking for a simple way to close all ports except for a certain few. Any ideas? |
|
  dustin486 Dustin
join:2001-06-27 West Monroe, LA | Windows or Linux? |
|
  BlitzenZeus Burnt Out Cynic Premium,MVM join:2000-01-13 Beaverton, OR
·Verizon FiOS
| reply to cisaacs You need to close the program/service down, or just use a firewall to block them from acting as a server if you need to. Some ports you can't close on some systems, and NT is notorious for this due to its nature. -- When did ignorance become a point of view? |
|
  Randy Bell Premium join:2002-02-24 Santa Clara, CA
| reply to cisaacs The following two links are to Black Viper's website, for discussion of necessary and unnecessary services:
Win2K Services, »www.blkviper.com/WIN2K/win2k.htm
WinXP Services, »www.blkviper.com/WinXP/servicecfg.htm
As BlitzenZeus suggested, it is NT-family operating systems that present the most problems, and the solution is to close as many unnecessary services as possible.
As BlitzenZeus also suggested, you can use a firewall like ZoneAlarm to deny server rights to these running services, so as to stealth the ports they listen on locally. A port can be open locally, but still stealthed to the outside world by ZA. |
|
 cisaacs
join:2002-01-19 Lady Lake, FL
| reply to BlitzenZeus Yes, NT. Have tried Kerio and the like. Whenever I do, my database program (Raining Data's D3/NT) locks up. So was simply looking for a way to stealth, or a simple firewall program without outbound protection, because I think this was the problem... The system worked fine behind a linky router, but because of the limitations on the amount of ports that can be forwarded, decided to upgrade to multiple static IPs and am looking for a way to 'lock the system down' |
|
 Ice Czar
join:2002-05-08 Lafayette, CO
| reply to cisaacs »www.analogx.com/contents/downloa···lock.htm
"This program is NOT a Firewall, but it will allow you to run a server that is only available on the local network, and will log any access attempts made by other machines that are attempting to use the blocked interface."
The drawback here is that the port appears closed, not stealthed. -- "Only YOU can prevent Electromigration"_______"Strong Like Bull....Smart Like Tractor" [text was edited by author 2002-06-02 23:24:09] |
|
  BlitzenZeus Burnt Out Cynic Premium,MVM join:2000-01-13 Beaverton, OR
·Verizon FiOS
| reply to cisaacs Even though it's not suggested, you can use Kerio to control communications inbound only. Allow programs outbound on any port, etc...
Rule based firewalls do what you tell them to do -- When did ignorance become a point of view? |
|
  Randy Bell Premium join:2002-02-24 Santa Clara, CA
| reply to cisaacs If you don't want outbound control, then that eliminates an application-based firewall like ZA. But I wouldn't think it wise to configure any firewall in this manner, without outbound application control.
Since you're a Kerio user, the link to the Kerio-Tiny Support Forum is: »Kerio - Tiny Support
BlitzenZeus himself is a regular in that forum, and the moderator Gwion is especially knowledgeable; someone there can help you configure and tighten your ruleset. The idea is to stealth as many ports as possible, of course.
I know that it's possible to deny server rights to most programs, and they will still function normally. The exception is if you're running something like ICQ or mIRC, and need to make your files available for sharing over the internet; or if you're running something like an FTP or Web Server. The rule is to deny server rights unless the process or program won't function normally without it.
As BlitzenZeus suggested, a rules-based firewall like Kerio is highly configurable. I can't help thinking that, with the proper ruleset, you can still stealth most if not all your ports. |
|
 cisaacs
join:2002-01-19 Lady Lake, FL | Thanks for all the help.... |
|
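The thread distinguishes ports that are open, closed, and stealthed. As an added example (not from any poster or from the tools they mention), the following Python check classifies how a port on your own machine looks from a second host outside the firewall, and lists anything open that is not on your intended list. The function names and sample port numbers are assumptions made for illustration.

```python
import errno
import socket


def probe_tcp_port(host, port, timeout=2.0):
    """Classify one TCP port as seen from where this script runs.

    open      - handshake completed: a service is listening and reachable
    closed    - connection refused (RST): host is visible, nothing accepts
    stealthed - no reply before the timeout: packets were silently dropped
    """
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "closed"
    except socket.timeout:
        return "stealthed"
    except OSError as exc:
        # Some firewalls reject with an ICMP error instead of dropping.
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "unreachable"
        raise


def audit(host, ports, timeout=2.0):
    """Probe each port once and return {port: state}."""
    return {port: probe_tcp_port(host, port, timeout) for port in ports}


def unexpected_exposure(results, allowed):
    """Ports that answered 'open' but are not on the intended-server list."""
    return sorted(p for p, state in results.items()
                  if state == "open" and p not in allowed)


if __name__ == "__main__":
    # Constructed demo on loopback: one listener we start ourselves, plus a
    # port we bind and release so that nothing is listening on it.
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    open_port = listener.getsockname()[1]

    spare = socket.socket()
    spare.bind(("127.0.0.1", 0))
    closed_port = spare.getsockname()[1]
    spare.close()

    results = audit("127.0.0.1", [open_port, closed_port], timeout=1.0)
    print(results)
    print("not on allow list:", unexpected_exposure(results, allowed=set()))
    listener.close()
```

Loopback traffic normally bypasses the firewall, so the demo only shows the open and closed cases; the stealthed result appears when the check is run from another machine against the firewalled address.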