Several well know methods for restricting port access exist in WIndows 2000,
XP and .NET.

Take a look at TCP/IP filtering and IPSec policies (IPSec policies can be
written to filter port access, as well as for encrypting data in flight)

The Remote Access service can also be configured to provide this type of
access control -

None of these services require xtra purchases, downloads or other activity -
they are built into the operationg system, just require configuration as
does Solaris --

> -----Original Message-----
> From: Rangan, Govindaraj [mailto:govindrti.com]
> Sent: Wednesday, October 30, 2002 10:59 PM
> To: 'focus-mssecurityfocus.com'
> Subject: RE: Access to well-known ports on Win2K
>
>
> Hi All,
> Greetings.
> Do all users on Win2K have access to the
> well-known ports? This
> question arose when I was doing some security tests in a heterogeneous
> environment with Windows and Solaris boxes. Solaris RSHD's
> only security is
> that before allowing access, it checks the source host and
> source tcp port.
> The host should be in hosts.equiv or .rhosts and the source
> tcp port should
> be one of well known ports (0-1023). The rsh client is a
> setuid script and
> starts as root. However on Windows 2000, it is possible for
> any user (not
> necessarily an admin user) to open a "well known port" to
> connect to any
> rshd.
> Can we restrict access to well known ports to a
> certain user or
> group? If not, the secure way is that Solaris hosts shouldn't
> trust Windows
> hosts. Your help in resolving this is highly appreciated.
>
> Regards,
> Govind
>

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]