OSEC

From: Kevin Kaminski (Kevin.Kaminskitelus.com)
Date: Thu Apr 04 2002 - 16:49:18 CST

    The entire project is too small scale to consider buying a commercial
    product when the built-in RRAS port filtering will suffice. If you look at
    most port documentation you will notice a lack of detail when it comes to
    filtering the protocol. Go to the two links in my message and you will
    notice the difference in detail. Or, for a more specific example, Microsoft
    documentation regarding SQL Server 2000 states that the SQL Server
    connections running over TCP/IP require port 1433 (TCP/UDP? not mentioned).
    When performing a connection and using a network sniffer you will find that
    traffic occurs on port 1433 TCP, but while registering the server through SQL
    Enterprise Manager there is traffic on 1434 UDP. Try looking at the issue in
    depth and you may have trouble finding solid technical information to
    reference.

    -----Original Message-----
    From: Joseph Brown [mailto:emailjoebrownyahoo.com]
    Sent: Thursday, April 04, 2002 3:01 PM
    To: Kevin Kaminski; focus-mssecurityfocus.com
    Subject: Re: Detailed Port Filtering

    Not sure I understand. First, why reinvent the wheel?
    There are a number of software firewalls that run on
    W2K server, from enterprise to host based. Or you
    could use the TCP/IP filtering on the Advanced tab of
    the TCP/IP Settings dialog box.

    If you don't know the port you need, sounds like you need
    to first learn what apps you're using.

    --- Kevin Kaminski <Kevin.Kaminskitelus.com> wrote:
    > I'm looking at building my first IP port firewall for my Windows 2000
    > Server. I have looked at IP port references such as
    > http://www.iana.org/assignments/port-numbers but it seems that the list is
    > not specific as to whether the protocol requires both TCP/UDP connections. I
    > have found a list that almost has what I am looking for
    > (http://www.chebucto.ns.ca/~rakerman/port-table.html) but it covers a
    > limited range of services. I could sit with a sniffer and take the server
    > through its paces but I was wondering if someone would know a good resource
    > that could help an NT Administrator make sound decisions while building a
    > port filter.

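Added example, not part of the original thread: one way to get a per-protocol port list from the server itself, as a cross-check on the sniffer observations described above (1433 TCP, 1434 UDP). It parses `netstat -an` output; the sample text is constructed, and the function names `listening_ports` and `format_rules` are hypothetical.

```python
from collections import defaultdict

# Constructed sample of `netstat -an` output (not captured from a real host).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:1433           0.0.0.0:0              LISTENING
  TCP    192.0.2.10:1433        192.0.2.55:3371        ESTABLISHED
  TCP    192.0.2.10:3390        192.0.2.80:80          TIME_WAIT
  TCP    127.0.0.1:1026         0.0.0.0:0              LISTENING
  UDP    0.0.0.0:135            *:*
  UDP    0.0.0.0:1434           *:*
  UDP    127.0.0.1:1030         *:*
"""

LOOPBACK_PREFIXES = ("127.", "[::1]")


def listening_ports(netstat_text):
    """Return {port: {"TCP", "UDP"}} for sockets reachable from the network."""
    ports = defaultdict(set)
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue  # headers and blank lines
        proto, local = fields[0], fields[1]
        # TCP rows have a state column; only LISTENING rows are services.
        # UDP is connectionless, so every bound UDP socket is listed.
        if proto == "TCP" and (len(fields) < 4 or fields[3] != "LISTENING"):
            continue
        if local.startswith(LOOPBACK_PREFIXES):
            continue  # bound to loopback only, never needs a filter entry
        _, _, port = local.rpartition(":")
        if port.isdigit():
            ports[int(port)].add(proto)
    return dict(ports)


def format_rules(ports):
    """Render one line per port, naming exactly the protocols seen on it."""
    return ["%s %d" % ("/".join(sorted(protos)), port)
            for port, protos in sorted(ports.items())]


if __name__ == "__main__":
    for rule in format_rules(listening_ports(SAMPLE)):
        print(rule)
```

A bound UDP socket can also be a short-lived client socket, so entries that appear only on UDP are worth confirming against the sniffer trace before they go into the filter.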