Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Blocking ports on windows 2000 advanced server

Posted on 2003-10-28
7
Medium Priority
?
1,506 Views
Last Modified: 2010-04-14
I want to block only one tcpip port on a server located outside firewall, how do I go about that?
0
Comment
Question by:leguino
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
7 Comments
 
LVL 43

Accepted Solution

by:
JFrederick29 earned 336 total points
ID: 9635027
In your LAN connection properties, double click TCP/IP then click the advanced button.  Click the "options" tab then double click "TCP/IP filtering".  Check the "Enable TCP/IP Filtering (All adapters) button.  Next, add the ports that are permitted to access the server.  The rest will be blocked.

You could also use third party firewall software to block the one port in question.
0
 
LVL 10

Assisted Solution

by:KingHollis
KingHollis earned 332 total points
ID: 9635067
If this server is located outside of your firewall, it must have a specific purpose. Determine the ports needed then go to the Advanced TCP/IP settings for that NIC and choose to Allow only the TCP or UDP ports you require. All others will then be restricted. For example, if this is your webserver, people will only need to access TCP/80 and poss'y TCP/443. Don't try to block just one port-- make the server a true bastion host and reduce the attack surface.
0
 
LVL 1

Assisted Solution

by:Dave3131
Dave3131 earned 332 total points
ID: 9663643
IPSec policy works well for blocking a single port.   Here is the MS Technet article on using IPSec Policy to lock down a server:
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/itsolutions/network/maintain/security/ipsecld.asp

You can use the basics in that article to shut off any port you want.   I agree with KingHollis that you should lock down all the ports you are not using.  The article tells how to do this effectively.
0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 10043604
leguino

If we helped at all, please split the points between the three of us.  If not, request a refund.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
What monsters are hiding in your child's room? In this article I will share with you a tech horror story that could happen to anyone, along with some tips on how you can prevent it from happening to you.
In response to a need for security and privacy, and to continue fostering an environment members can turn to for support, solutions, and education, Experts Exchange has created anonymous question capabilities. This new feature is available to our Pr…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…

596 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question