winXP filtering TCP/IP

Discussion in 'other security issues & news' started by xTiNcTion, Oct 26, 2003.

Thread Status:
Not open for further replies.
  1. xTiNcTion

    xTiNcTion Registered Member

    Joined:
    Oct 25, 2003
    Posts:
    253
    hi !!
    installed: ZApro, spywareguard, spywareblaster, Spybot_SD, NSystemWork2003, MRUblaster.

    just tried to filter TCP/IP allowing ONLY the following ports:

    TCP
    20,
    21, FTP
    22, SSH Remote login
    23, telnet
    25, smtp
    53, dns
    67, DHCP/BootP
    68, DHCP/Bootp prot server
    80, HTTP
    88, Kerberos
    90, Wins
    110, POP3
    137, Netbios Name Service
    138, NetBIOS Datagram Service
    139, NetBIOS Session Service
    161, SNMP
    162, SNMPTRAP
    443, SSL
    8080, SHTTP

    IP Port
    6, TCP
    17, UDP

    then i lost connectivity. it seems like DNS doesn't work !! 'cause typing the ip address directly works

    what's wrong? do you think this is a good practice, i mean a secure one?
     
  2. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    Hi xTiNcTion

    Using the TCP/IP filtering capabilities within the OS is probably not the best way to go. As you have found with UDP traffic such as DNS queries, the filtering as you had it set up only allows for port 53. This is fine for a server, but for a client making the DNS query it does not allow for the ephemeral port (1024-5000) used by the system.

    If you are interested in this type of OS filtering of your network traffic, a custom IPSec policy is probably the better way to go and more flexible.

    A couple of links to get you started:

    IPSec and you...

    Windows 2000 Firewalling

    Regards,

    CrazyM
     
  3. xTiNcTion

    xTiNcTion Registered Member

    Joined:
    Oct 25, 2003
    Posts:
    253
    Tkz CrazyM

    i read about it in an old NAVY's securing NT guide. i totally forget those ports !!

    tkz again my friend :)
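
The DNS failure explained in CrazyM's reply can be reproduced with a small model of a stateless inbound port filter. This is an added example, not code from the thread or from Windows; the `Inbound` type and the function names are hypothetical. It assumes the posted port list was also applied to UDP and that TCP filtering only affects new inbound connections, which matches the observation that browsing by IP address still worked.

```python
from dataclasses import dataclass

# Port list as posted in the thread. Assumption: the same list was applied to
# UDP, which is what the reply about DNS on port 53 implies.
PERMITTED_PORTS = {20, 21, 22, 23, 25, 53, 67, 68, 80, 88, 90, 110,
                   137, 138, 139, 161, 162, 443, 8080}
PERMITTED_IP_PROTOCOLS = {6, 17}      # TCP, UDP
EPHEMERAL = range(1024, 5001)         # client port range named in the reply

@dataclass(frozen=True)
class Inbound:
    proto: int               # IP protocol number
    src_port: int            # remote port
    dst_port: int            # local port on the filtered machine
    syn_only: bool = False   # TCP only: a new inbound connection attempt

def filter_allows(pkt: Inbound) -> bool:
    """Stateless inbound check keyed on the local (destination) port."""
    if pkt.proto not in PERMITTED_IP_PROTOCOLS:
        return False
    if pkt.proto == 6 and not pkt.syn_only:
        # Assumption: for TCP only new inbound connections are filtered, so
        # segments of connections this host opened itself are not dropped.
        return True
    return pkt.dst_port in PERMITTED_PORTS

def dns_reply(client_port: int) -> Inbound:
    return Inbound(proto=17, src_port=53, dst_port=client_port)

def http_reply(client_port: int) -> Inbound:
    return Inbound(proto=6, src_port=80, dst_port=client_port)

def usable_dns_client_ports() -> list:
    """Ephemeral ports on which a UDP DNS reply would get through."""
    return [p for p in EPHEMERAL if filter_allows(dns_reply(p))]

if __name__ == "__main__":
    print("DNS reply to :1029 ->", filter_allows(dns_reply(1029)))
    print("HTTP reply to :1030 ->", filter_allows(http_reply(1030)))
    print("inbound query to local :53 ->", filter_allows(Inbound(17, 1029, 53)))
    print("ephemeral ports usable for DNS:", usable_dns_client_ports())
```

None of the permitted ports falls inside 1024-5000, so every UDP reply to a client-side query is dropped, while an inbound query to a local DNS server on port 53 would pass.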
     