Solved

I would like a software firewall for my windows server that only allows connections from approved IP addresses..

Posted on 2007-11-21
11
233 Views
Last Modified: 2010-04-09
I would like a software firewall for my windows server that only allows connections from approved IP addresses..Similar to IP tables that linux use... Does it exist?
0
Comment
Question by:dublindavid
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
  • 2
  • +2
11 Comments
 
LVL 2

Expert Comment

by:terrydavis
ID: 20332921
Windows Server 2003 has a firewall service.  There should be an icon in your control panel.
0
 
LVL 12

Expert Comment

by:dlan75
ID: 20333046
Hi,
Try one of those :

http://force.coresecurity.com/
http://wipfw.sourceforge.net/ (that one is a clone of the freebsd ipfirewall)
0
 

Author Comment

by:dublindavid
ID: 20333306
RE:Windows Server 2003 has a firewall service
Do you mean windows firewall? I need it to only allow selected IP's to access the server.. Not cut the net
0
DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

 
LVL 12

Expert Comment

by:dlan75
ID: 20333525
Hi,
Windows 2003's firewall is crap and will not allow you to do what you whould like to do.
Generally you would use a security solution including hardware like Cisco or SonicWall for example or use ISA server to protect your servers and network.
0
 

Author Comment

by:dublindavid
ID: 20333810
ok, I dont have a hardware firewall and I cant change the server, so is there any software solution to gove me something similar to linux iptable?
0
 
LVL 44

Expert Comment

by:Darr247
ID: 20337089

                               8signs

In 1998 when I first started looking for a software firewall for windows, there was exactly one available: ConSeal, made by Signal9. In 2002 Symantec bought out Signal9, apparently only to eliminate competition, because they never issued a single update for it nor did they incorporate any of its features into Norton Internet Security that I could tell (I regret the one time I installed THAT on one of my sisters' computers). So I switched to the free zone alarm, then zone alarm pro when it added spyware scanning (still kept ad-aware, though), all the while missing the level of control ConSeal had offered. :|

Anyway... the non-compete clause expired this year and the Signal9 guys have re-introduced their old firewall, with a different name and interface - go to www.8signs.com and you can download a free trial. It WILL do what you want. You can allow all and specify restrictions, or block all and specify what's allowed in, right down to the socket level, with different rules for each adapter (VPN, multiple ethernet cards, DUN, et al), if you want. It has a learn mode so you can have it make a few rules interactively, then edit them to get an idea how to formulate your own, and wizards to help you do initial setups. If you're used to making your own rules in a linux firewall you'll probably pick it up pretty quickly.

Sorry if any of that sounds like hype - it can prove itself, and they have a support page on their site. I have no connection with them other than I bought a 5-unit license for it with 3 months left on my current ZAP subscription. It does what it's supposed to for me, so I recommend it... that's about it for my 'full disclosure' notice. :)
0
 
LVL 12

Expert Comment

by:dlan75
ID: 20337681
Hi,
Yes the ones I suggested above :

http://force.coresecurity.com/
http://wipfw.sourceforge.net/ (that one is a clone of the freebsd ipfirewall)
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 20345452
Is your web sevice being run using IIS or something different?
0
 

Author Comment

by:dublindavid
ID: 20400809
Its windows server web edition 2003,  IIS
0
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 125 total points
ID: 20406125
Then you have the ability already in IIS to allow access from only selected IP addresses.
I would also disagree with the above comment on MS firewall - it works perfectly well when configured correctly also.
0

Featured Post

Forrester Webinar: xMatters Delivers 261% ROI

Guest speaker Dean Davison, Forrester Principal Consultant, explains how a Fortune 500 communication company using xMatters found these results: Achieved a 261% ROI, Experienced $753,280 in net present value benefits over 3 years and Reduced MTTR by 91% for tier 1 incidents.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question