Solved

I would like a software firewall for my windows server that only allows connections from approved IP addresses..

Posted on 2007-11-21
11
225 Views
Last Modified: 2010-04-09
I would like a software firewall for my windows server that only allows connections from approved IP addresses..Similar to IP tables that linux use... Does it exist?
0
Comment
Question by:dublindavid
  • 3
  • 3
  • 2
  • +2
11 Comments
 
LVL 2

Expert Comment

by:terrydavis
ID: 20332921
Windows Server 2003 has a firewall service.  There should be an icon in your control panel.
0
 
LVL 12

Expert Comment

by:dlan75
ID: 20333046
Hi,
Try one of those :

http://force.coresecurity.com/
http://wipfw.sourceforge.net/ (that one is a clone of the freebsd ipfirewall)
0
 

Author Comment

by:dublindavid
ID: 20333306
RE:Windows Server 2003 has a firewall service
Do you mean windows firewall? I need it to only allow selected IP's to access the server.. Not cut the net
0
 
LVL 12

Expert Comment

by:dlan75
ID: 20333525
Hi,
Windows 2003's firewall is crap and will not allow you to do what you whould like to do.
Generally you would use a security solution including hardware like Cisco or SonicWall for example or use ISA server to protect your servers and network.
0
 

Author Comment

by:dublindavid
ID: 20333810
ok, I dont have a hardware firewall and I cant change the server, so is there any software solution to gove me something similar to linux iptable?
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 
LVL 44

Expert Comment

by:Darr247
ID: 20337089

                               8signs

In 1998 when I first started looking for a software firewall for windows, there was exactly one available: ConSeal, made by Signal9. In 2002 Symantec bought out Signal9, apparently only to eliminate competition, because they never issued a single update for it nor did they incorporate any of its features into Norton Internet Security that I could tell (I regret the one time I installed THAT on one of my sisters' computers). So I switched to the free zone alarm, then zone alarm pro when it added spyware scanning (still kept ad-aware, though), all the while missing the level of control ConSeal had offered. :|

Anyway... the non-compete clause expired this year and the Signal9 guys have re-introduced their old firewall, with a different name and interface - go to www.8signs.com and you can download a free trial. It WILL do what you want. You can allow all and specify restrictions, or block all and specify what's allowed in, right down to the socket level, with different rules for each adapter (VPN, multiple ethernet cards, DUN, et al), if you want. It has a learn mode so you can have it make a few rules interactively, then edit them to get an idea how to formulate your own, and wizards to help you do initial setups. If you're used to making your own rules in a linux firewall you'll probably pick it up pretty quickly.

Sorry if any of that sounds like hype - it can prove itself, and they have a support page on their site. I have no connection with them other than I bought a 5-unit license for it with 3 months left on my current ZAP subscription. It does what it's supposed to for me, so I recommend it... that's about it for my 'full disclosure' notice. :)
0
 
LVL 12

Expert Comment

by:dlan75
ID: 20337681
Hi,
Yes the ones I suggested above :

http://force.coresecurity.com/
http://wipfw.sourceforge.net/ (that one is a clone of the freebsd ipfirewall)
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 20345452
Is your web sevice being run using IIS or something different?
0
 

Author Comment

by:dublindavid
ID: 20400809
Its windows server web edition 2003,  IIS
0
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 125 total points
ID: 20406125
Then you have the ability already in IIS to allow access from only selected IP addresses.
I would also disagree with the above comment on MS firewall - it works perfectly well when configured correctly also.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
This video discusses moving either the default database or any database to a new volume.
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now