Solved

IPSEC Firewall windows 2000

Posted on 2004-08-21
Last Modified: 2013-12-04
I created an ipsec firewall on windows 2000.  Is there a way for me to export that so I can put it on multiple machines?

Thanks!

Randy
Question by:rjohnsonjr

Accepted Solution

by:
Rich Rumble earned 500 total points
ID: 11860763
Yes... but a word of caution... the IPSEC firewall is easily bypassed if you bind your source port to port 88 or 500.
This is by design... and not a flaw (recently M$ has introduced ways that prevent this now, sp4 and sp2 for XP)
http://support.microsoft.com/default.aspx?scid=811832 
So someone with a port scanner like Nmap can scan your box by using the following
nmap -sS -g 88 -P0 ip.ip.ip.ip -vv
They would see all the ports that were open, and could use any number of ways to bind their src port to 88, 500, 46 and get past the firewall.

To export your IPSEC rules, open Secpol.msc (go to the Run line, then type "secpol.msc" and press Enter)
-->Highlight<-- "IP Security Policies for Local..." and then go to Action, and you'll see Export List, this will open a window for you to save the list (all policies) and you can specify how they will be saved, Tab Delimited, or Comma... if you want to save just one or two of the rules, you'll have to delete the ones you don't want... I export all, then delete what I do not want- that way there is a backup of the defaults, and the others.
-rich
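
One way to spot the fixed-source-port scan described in the answer above, as an added example that is not part of the original post. The log format, the threshold and the function names are assumptions made for illustration, and the sample lines are constructed:

```python
from collections import defaultdict

EXEMPT_SRC_PORTS = {88, 500}   # source ports named in the answer above
MIN_DISTINCT_DST_PORTS = 3     # assumed threshold; tune for your network

# Constructed sample lines in a hypothetical packet-log format:
# date time proto src_ip src_port dst_ip dst_port tcp_flags
SAMPLE_LOG = """\
2004-08-21 10:15:01 TCP 203.0.113.7 88 192.0.2.10 135 S
2004-08-21 10:15:01 TCP 203.0.113.7 88 192.0.2.10 139 S
2004-08-21 10:15:02 TCP 203.0.113.7 88 192.0.2.10 445 S
2004-08-21 10:15:02 TCP 203.0.113.7 88 192.0.2.10 3389 S
2004-08-21 10:16:10 TCP 198.51.100.20 88 192.0.2.10 1045 SA
2004-08-21 10:16:40 UDP 198.51.100.30 500 192.0.2.10 500 -
2004-08-21 10:17:05 TCP 198.51.100.40 51234 192.0.2.10 80 S
malformed line
"""

def parse_line(line):
    """Return (proto, src_ip, src_port, dst_ip, dst_port, flags) or None."""
    parts = line.split()
    if len(parts) != 8:
        return None
    _, _, proto, src_ip, src_port, dst_ip, dst_port, flags = parts
    if not (src_port.isdigit() and dst_port.isdigit()):
        return None
    return proto, src_ip, int(src_port), dst_ip, int(dst_port), flags

def find_fixed_source_port_scans(log_text, threshold=MIN_DISTINCT_DST_PORTS):
    """Map (src_ip, src_port, dst_ip) -> sorted dst ports for suspected scans."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue  # skip lines that do not match the assumed format
        proto, src_ip, src_port, dst_ip, dst_port, flags = rec
        # Bare SYNs only: a SYN/ACK from port 88 is a server answering us,
        # while a real client picks a fresh ephemeral port per connection.
        if proto == "TCP" and flags == "S" and src_port in EXEMPT_SRC_PORTS:
            seen[(src_ip, src_port, dst_ip)].add(dst_port)
    return {k: sorted(v) for k, v in seen.items() if len(v) >= threshold}

if __name__ == "__main__":
    for (src, sport, dst), ports in find_fixed_source_port_scans(SAMPLE_LOG).items():
        print(f"{src} probed {dst} from source port {sport}: {ports}")
```
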
Author Comment

by:rjohnsonjr
ID: 11885187
Thanks for your help! I will definitely follow up with that article :-)


-Randy