Learn how to a build a cloud-first strategyRegister Now


Survey Windows Server 2003 for port exceptions before enabling Windows Firewall

Posted on 2007-09-27
Medium Priority
Last Modified: 2010-04-11
what is the best way to evaluate what ports i need to have exceptions for if i enable windows firewall on a windows server 2003 R2?  the server already has some applications running...  how do i determine which ports need exceptions?

do i have to go through the whole list of applications and check configurations to see if it runs on certain ports?  or is there a way to just see what ports currently are being used?
Question by:zephyr_hex (Megan)
LVL 30

Assisted Solution

LauraEHunterMVP earned 500 total points
ID: 19975787
Use fport or portqry (both free downloads), or a simple 'netstat -ano' from the server console.
LVL 32

Assisted Solution

r-k earned 500 total points
ID: 19976465
You may find this link useful:


Also remember reading someplace that MS does not recommend enabling Windows Firewall on domain controllers. Have forgotten details but that was the gist of it.
LVL 19

Accepted Solution

CoccoBill earned 1000 total points
ID: 19978504
I recommend running the Security Configuration Wizard with all of the required services on the server started. The wizard will list all listening services, give recommendations and allow you to enable/disable them or allow/block them using the windows firewall. As a bonus the wizard will secure the server in other areas, if you do not wish that to happen (I don't see why you wouldn't though), just skip all other sections besides network security.



Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ransomware - Defeated! Client opened the wrong email and was attacked by Ransomware. I was able to use file recovery utilities to find shadow copies of the encrypted files and make a complete recovery.
Experts Exchange expands question security options for members.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…
Suggested Courses

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question