From: ROTTENBERG,HAL (HP-USA,ex1) (hal_rottenberghp.com)
Date: Mon Apr 08 2002 - 08:57:10 CDT


    Jason,

    ISM, and all the other NT admin tools use RPC (remote procedure call). RPC
    uses random high ports to communicate. There are registry keys that you can
    use to specify a range to which you can restrict RPC communication. You'll
    want to be careful not to restrict this to too small a range or you will
    encounter weird problems and error messages. Some people do a range of 100
    ports. Kinda hard to work with over a firewall. It's doable, but of
    course, you are opening 100 ports. If security is your concern, I would not
    open the ports for RPC and would just open 3389 for RDP and connect via
    Terminal Services / Remote Desktop Connection.

    For the registry keys mentioned, search technet.

    regards,

    Hal Rottenberg | Email: hal_rottenberghp.com
    Technical Support Engineer | Jabber: hal_rottenbergjabber.hp.com
    http://www.hp.com/security | Phone: +1-404-774-4041
                        HEWLETT-PACKARD

    > -----Original Message-----
    > From: Jason Yates [mailto:jyatesdataservice.org]
    > Sent: Thursday, April 04, 2002 4:57 PM
    > To: 'focus-mssecurityfocus.com'
    > Subject: Internet Services Manager
    >
    >
    > I'm trying to use Internet Services Manager snap-in on a web
    > server located in our internal network. The web server is
    > running Win2k and IIS 5.0. At first, I was connecting fine.
    > I've added TCP/IP filtering to the remote machine, and now I
    > can't connect. What ports does ISM use anyway?
    >
    > I'm allowing UDP and TCP connection to port 137-139 and just
    > TCP to port 80. All other filtering is taken care of in the
    > outside firewall.
    >
    > -Jason
    >
    >
    >
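
The registry restriction mentioned in the reply, as an added example that is not part of the original thread: it writes the `Ports`, `PortsInternetAvailable` and `UseInternetPorts` values under `HKLM\SOFTWARE\Microsoft\Rpc\Internet`, refuses a range smaller than the 100 ports mentioned above, and returns what a packet filter in front of the server would then need to allow (RPC clients first contact the endpoint mapper on TCP 135). The function name `Set-RpcPortRange` and the 5000-5100 range are assumptions, and the script assumes a Windows host with PowerShell.

```powershell
# Added example, not from the original message.
# Restricts RPC dynamic port allocation to a fixed range.
# Set-RpcPortRange is a hypothetical helper; 5000-5100 is a sample range.
function Set-RpcPortRange {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][ValidateRange(1025, 65535)][int]$First,
        [Parameter(Mandatory)][ValidateRange(1025, 65535)][int]$Last,
        [int]$MinimumPorts = 100   # range size mentioned in the message
    )

    if ($Last -lt $First) { throw "Last port must be >= first port." }

    # Too small a range starves RPC of ports and produces odd failures.
    $count = $Last - $First + 1
    if ($count -lt $MinimumPorts) {
        throw "Range has $count ports; fewer than $MinimumPorts risks RPC failures."
    }

    $key = 'HKLM:\SOFTWARE\Microsoft\Rpc\Internet'
    if ($PSCmdlet.ShouldProcess($key, "Restrict RPC to $First-$Last")) {
        if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }

        # Ports is REG_MULTI_SZ; the two flags are REG_SZ with value "Y".
        New-ItemProperty -Path $key -Name Ports -PropertyType MultiString `
            -Value @("$First-$Last") -Force | Out-Null
        New-ItemProperty -Path $key -Name PortsInternetAvailable `
            -PropertyType String -Value 'Y' -Force | Out-Null
        New-ItemProperty -Path $key -Name UseInternetPorts `
            -PropertyType String -Value 'Y' -Force | Out-Null
    }

    # What the filter in front of this server must allow afterwards.
    [pscustomobject]@{
        EndpointMapper = 'TCP 135'
        RpcRange       = "TCP $First-$Last"
        RebootRequired = $true   # the new range applies after a restart
    }
}

# Dry run: shows the intended change without writing to the registry.
Set-RpcPortRange -First 5000 -Last 5100 -WhatIf
```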