Closing unused ports in NT
Jon Carnes
jonc at HAHT.COM
Fri Aug 4 22:43:31 EDT 2000
Your best bet is a DMZ. Set up a limited router/firewall that allows only
the traffic you want to each specific machine behind the router/firewall.
Linux or BSD makes this easy to do. Your Cisco router can also be set up to
do this.
Jon Carnes
MIS - HAHT Commerce
----- Original Message -----
From: "John Wheatley" <jwheatley at SWCP.COM>
To: <VPN at SECURITYFOCUS.COM>
Sent: Friday, August 04, 2000 11:26 AM
Subject: Closing unused ports in NT
> I use Steve Gibson's port probe at www.grc.com for checking port status on
> public IP machines. On a typical NT machine, the port probe shows numerous
> ports as existing but closed. The ports report as existing even if the
> corresponding service has been removed from NT. Specific ports are
> 21,23,25,79,80,110,113,139,143,443. For example, I removed NetBIOS
> services using Control Panel, Network, Services; but the NetBIOS port 139
> still answers probes as closed. I want to have NO Response to unused port
> probes- is there a way?
> Help, suggestions, and comments are sure welcome.
> JohnW
>
> John Wheatley
> 505-292-4367 Voice
> 505-292-4387 Fax
> CSTI
> 10500 Research Road
> Suite 1506
> Albuquerque, NM 87123
>
> VPN is sponsored by SecurityFocus.COM
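
The difference between a port that answers "closed" and one that gives no response at all, which is what the question turns on, can be checked from outside the router/firewall against a machine you administer. The following is an added example, not part of the original messages; the function names and the 2-second timeout are assumptions chosen for illustration.

```python
import socket

# Ports listed in the question above.
PORTS = [21, 23, 25, 79, 80, 110, 113, 139, 143, 443]

def classify_port(host, port, timeout=2.0):
    """Return 'open', 'closed' or 'filtered' for one TCP port.

    open     - the handshake completed, so a service is listening
    closed   - the host answered with a reset (the probe's "closed")
    filtered - nothing came back before the timeout, or the network
               reported the host unreachable (the "no response" case)
    """
    addr = socket.gethostbyname(host)  # name errors propagate to the caller
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((addr, port))
        return "open"
    except ConnectionRefusedError:
        return "closed"
    except OSError:  # includes socket.timeout
        return "filtered"
    finally:
        s.close()

def audit(host, ports=PORTS, timeout=2.0):
    """Map each port to its state as seen from the machine running this."""
    return {p: classify_port(host, p, timeout) for p in ports}

def not_silent(results):
    """Sorted ports that still answer a probe, whether open or closed."""
    return sorted(p for p, state in results.items() if state != "filtered")

if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    results = audit(target)
    for port, state in sorted(results.items()):
        print(f"{port:>5}  {state}")
    print("still answering:", not_silent(results))
```

With a firewall in front that silently drops everything except the permitted traffic, every unused port should come back as `filtered` and `not_silent` should list only the services deliberately exposed.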