• Status: Solved

What ports to close

I have Windows XP with SP2. I've enabled the ICF and TCP/IP filtering. I know ICF does a good job, but I want to add TCP/IP filtering functionality as a supplement. :)
What ports should I close, or what ports should I leave open for a simple connection to the internet to work? I know that IE or browsing works on 80 or 8080 and the DNS service is at 53. Plus 137, 139, 445 are for File print and sharing (functionality that I need).
Thanks!
Asked by: CosminSocaciu
4 Solutions
 
bloemkool1980 Commented:
If you use winXP you can only close ports inbound. So if you do not need any services to be accessible via internet, close everything down.
Outbound will still work.
If you have a webserver running on your XP you should leave port 80 open for inbound. It is best you close every Windows-related port such as 445.
 
mattisflones Commented:
..8080 is a proxy address which is not used by IE if this is not a business environment.
File and print got its own mechanism in SP2, so no port numbers there..
 
CosminSocaciu (Author) Commented:
I have a simple workstation connected to the Internet. It isn't a webserver and neither a business environment. I want to have Share & Print functions over the LAN and to be fully secure to the Internet (if that is possible :) ). So I thought to close all unnecessary ports.
For example, when I'm on a site my computer rings. Rings as a telephone rings. I have Yahoo Messenger on and nothing else (at least as I know). The headphones play a ring sound for 3 times and then pause for 5-10 ' and then again. I've checked the sound themes and set to "none" (thought is a NetMeeting ring) but no response. I've noticed that the ring is not for a particular site but it is when browser is open (IE 6).
As I experience this I thought it's an attack to some of my opened ports so I've decided to close all unnecessary ones.

So, what should I allow and what to deny with TCP/IP filtering?
 
bloemkool1980 Commented:
Well, as I said.
You have one NIC to internet and one to your LAN normally. The one to internet you have to deny all inbound traffic and you will be fine.
XP per default does that when you enable the firewall so you are safe. The NIC going to your LAN is ok and should accept traffic from your LAN.
So you do not have to do anything as all ports on to internet are blocked.
 
CosminSocaciu (Author) Commented:
:)
It's true, BUT:
I have only one NIC, same for LAN and connection to the internet.
What to do then...
 
mattisflones Commented:
As far as I know you don't have to block anything!
SP2's firewall is built with the same technology that is used in their ISA server (Business firewall and proxy) and it does by default deny all connections. What you could do to make sure is to enter the Security Center->Firewall and set the "do not allow exceptions" on.. and simply allow what you need..
As you probably know there's no way one can trust MS products totally.. but if there's an error in this firewall, configuring other port blocking features won't help as it is the first instance for communication. The TCP/IP filtering is already built into the firewall...

As for your ringing tones.. I don't have a clue.. might it be the pop-up-blocker sound warning?
 
mattisflones Commented:
>>I have only one NIC, same for Lan and connection to the internet.
Well, basically you can't make that 100% safe as the MS firewall lacks the features you find in e.g. ZoneAlarm.. Maybe it would be a better choice for you?!
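
For the single-NIC case raised in this thread, the XP SP2 Windows Firewall can limit the File and Printer Sharing exception to the local subnet from the command line. The script below is an added example, not part of any participant's post; it assumes the workstation sits on a private LAN subnet behind a router.

```bat
@echo off
rem Added example: XP SP2 Windows Firewall, one NIC shared by LAN and Internet.
rem Assumption: the PC is on a private LAN subnet behind a router/NAT.

rem 1. Firewall on, with exceptions permitted (required for the scoped rule below).
netsh firewall set opmode mode=ENABLE exceptions=ENABLE profile=ALL

rem 2. File and Printer Sharing (UDP 137-138, TCP 139, TCP 445) accepted only
rem    from addresses in the same subnet as this adapter.
netsh firewall set service type=FILEANDPRINT mode=ENABLE scope=SUBNET profile=ALL

rem 3. Keep the other predefined service exceptions closed.
netsh firewall set service type=REMOTEDESKTOP mode=DISABLE profile=ALL
netsh firewall set service type=REMOTEADMIN mode=DISABLE profile=ALL
netsh firewall set service type=UPNP mode=DISABLE profile=ALL

rem 4. Log dropped inbound packets (default log file: %windir%\pfirewall.log).
netsh firewall set logging droppedpackets=ENABLE connections=DISABLE

rem 5. Verify: firewall state, enabled exceptions, and what is actually listening.
netsh firewall show state
netsh firewall show service
netstat -ano | find "LISTENING"
```

`scope=SUBNET` matches whatever subnet the adapter is on, so if the NIC holds a public address handed out directly by the ISP, other hosts in that provider subnet are still admitted; the router in front of the LAN is what keeps the exception local.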
 
bloemkool1980 Commented:
Thanks for using my answer and not giving me a grade.
Really good job.
 
CosminSocaciu (Author) Commented:
YES, please
 
mattisflones Commented:
Oh, please.. Don't be so cranky bloemkool1980, behave like an expert! The acceptance of a comment here is most subjective, and there's no way you can claim "your" comment is right for the asker as long as he/she does not explain the whys and whats...
 
samri Commented:
I think it's true that it's up to the asker to decide, but still they are responsible to decide the best among the good answers.

I believe AnnieMod should be able to assist! "Use the Force!" :)

This one is even worse, believe me!
http://www.experts-exchange.com/Web/Web_Servers/Apache/Q_20273863.html

cheers.
Question has a verified solution.
