Solved

What ports to close

Posted on 2004-09-06
13
1,216 Views
Last Modified: 2010-04-09
I have Windows Xp with SP2. I've enabled the ICF and TCP/IP filtering. I know ICF makes a good job but I whant to add TCP/IP filtering functionality as a suppliment. :)
  What ports should I close or what ports should I leave open for a simple connection to the internet to work. I know that Ie or browsing works on 80 or 8080 and DNS service is at 53. Plus 137,139, 445 are for File print and sharing ( Functionality that I need ).
 Thanks !
0
Comment
Question by:CosminSocaciu
  • 4
  • 3
  • 3
  • +1
13 Comments
 
LVL 6

Assisted Solution

by:bloemkool1980
bloemkool1980 earned 60 total points
ID: 11994174
If you use winXP you can only close ports inbound. So if you do not need any services to be accessible via internet close everything down.
Outbound will still work.
If you have a webserver running on your XP you should leave port 80 open for inbound. It is best you close every windows related port such as 445.
0
 
LVL 15

Expert Comment

by:mattisflones
ID: 11994269
..8080 is a proxy address witch is not used by IE if this is not a business environment.
File and print got its own mechanism in SP2, so no port numbers there..
0
 

Author Comment

by:CosminSocaciu
ID: 11994452
I have a simple workstation connected to the Internet. It isn't a webserver and neigher a business environment . I whant to have Share & Print functions over the Lan and to be fully secure to the Internet(if that is possible :) ) . So I thought to close all unnecessary ports.
 For exemple When I'm on a site my computer rings. Rings as a telephone rings. I have Yahoo messenger on and nothing else (at least as I know). The headphnes play a ring sound for 3 times and then pause for 5-10 ' and then again. I've checked the sound themes and set to "none" (thought is a netmeeting ring) but no response. I've noticed that the ring is not for a pariculary site but it is when browser is open (Ie 6)
  As I experince this I thought it's an attack to some of my opend ports so I've decided to close all unnecessary ones.
 
 So, what should I allow and what to deny with TCP/IP filtering ?
0
 
LVL 6

Assisted Solution

by:bloemkool1980
bloemkool1980 earned 60 total points
ID: 11994474
Well as I said.
You have one NIC to internet and one to your LAN normally. THe one to internet you have to deny all inbound traffic and you will be fine.
XP per defautl does that when you enable the firewall so you are safe. The NIC going to your LAN is ok and should accept traffic from your LAN.
So you do not have to do anything as all ports on to internet are blocked.
0
 

Author Comment

by:CosminSocaciu
ID: 11994487
:)
 It's true, BUT:
 I have only one NIC, same for Lan and connection to the internet.
What to do then...
0
Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

 
LVL 15

Assisted Solution

by:mattisflones
mattisflones earned 65 total points
ID: 11994493
As far as i know you dont have to block anything!
SP2`s firewall is built with the same technology that is used in their ISA server (Business firewall and proxy) and it does by default deny all connections. What you could do to make sure is to enter the security center->Firewall and set the "do not allow exeptions" on.. and simply allow what you need..
As you propably know theres no way one can trus MS products totally.. but if theres an error in this firewall configuring other port blocking features wont help as it is the first instance for communication. The TCP/IP filtering is allready built into the firewall...

As for your ringing tones.. I dont have a clue.. might it be the pop-up-blocker sound warning?
0
 
LVL 15

Accepted Solution

by:
mattisflones earned 65 total points
ID: 11994513
>>I have only one NIC, same for Lan and connection to the internet.
Well, basically you cant make that 100% safe as the MS firewall lack the features you find in ex: Zonealarm.. Maybe it would be a better choice for you?!
0
 
LVL 6

Expert Comment

by:bloemkool1980
ID: 11994520
thanks for using my answer and not giving me a grade
really good job
0
 

Author Comment

by:CosminSocaciu
ID: 11995793
YES, please
0
 
LVL 15

Expert Comment

by:mattisflones
ID: 11995849
Oh, please.. Dont be so cranky bloemkool1980, behave like an expert! The acceptance of a comment here is most subjective, and theres no way uou can claim "your" comment is right for the asker aslong as he/she does not explain the why`s and what`s...
0
 
LVL 15

Expert Comment

by:samri
ID: 11996049
I think it's true that it's up to the asker to decide, but still they are responsible to decide the best among the good answer.

I believe AnnieMod should be able to assist! "Use the Force!" :)

This one is even worst, believe me!.
http://www.experts-exchange.com/Web/Web_Servers/Apache/Q_20273863.html

cheers.
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
DHCP lease issue ? 8 84
IP Phones with SonicWall 6 68
Best firewall recommendation 12 153
Linksys LRT 224 forward 3 35
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now