Solved

I would like a software firewall for my windows server that only allows connections from approved IP addresses..

Posted on 2007-11-21
11
227 Views
Last Modified: 2010-04-09
I would like a software firewall for my windows server that only allows connections from approved IP addresses..Similar to IP tables that linux use... Does it exist?
0
Comment
Question by:dublindavid
  • 3
  • 3
  • 2
  • +2
11 Comments
 
LVL 2

Expert Comment

by:terrydavis
ID: 20332921
Windows Server 2003 has a firewall service.  There should be an icon in your control panel.
0
 
LVL 12

Expert Comment

by:dlan75
ID: 20333046
Hi,
Try one of those :

http://force.coresecurity.com/
http://wipfw.sourceforge.net/ (that one is a clone of the freebsd ipfirewall)
0
 

Author Comment

by:dublindavid
ID: 20333306
RE:Windows Server 2003 has a firewall service
Do you mean windows firewall? I need it to only allow selected IP's to access the server.. Not cut the net
0
 
LVL 12

Expert Comment

by:dlan75
ID: 20333525
Hi,
Windows 2003's firewall is crap and will not allow you to do what you whould like to do.
Generally you would use a security solution including hardware like Cisco or SonicWall for example or use ISA server to protect your servers and network.
0
 

Author Comment

by:dublindavid
ID: 20333810
ok, I dont have a hardware firewall and I cant change the server, so is there any software solution to gove me something similar to linux iptable?
0
Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

 
LVL 44

Expert Comment

by:Darr247
ID: 20337089

                               8signs

In 1998 when I first started looking for a software firewall for windows, there was exactly one available: ConSeal, made by Signal9. In 2002 Symantec bought out Signal9, apparently only to eliminate competition, because they never issued a single update for it nor did they incorporate any of its features into Norton Internet Security that I could tell (I regret the one time I installed THAT on one of my sisters' computers). So I switched to the free zone alarm, then zone alarm pro when it added spyware scanning (still kept ad-aware, though), all the while missing the level of control ConSeal had offered. :|

Anyway... the non-compete clause expired this year and the Signal9 guys have re-introduced their old firewall, with a different name and interface - go to www.8signs.com and you can download a free trial. It WILL do what you want. You can allow all and specify restrictions, or block all and specify what's allowed in, right down to the socket level, with different rules for each adapter (VPN, multiple ethernet cards, DUN, et al), if you want. It has a learn mode so you can have it make a few rules interactively, then edit them to get an idea how to formulate your own, and wizards to help you do initial setups. If you're used to making your own rules in a linux firewall you'll probably pick it up pretty quickly.

Sorry if any of that sounds like hype - it can prove itself, and they have a support page on their site. I have no connection with them other than I bought a 5-unit license for it with 3 months left on my current ZAP subscription. It does what it's supposed to for me, so I recommend it... that's about it for my 'full disclosure' notice. :)
0
 
LVL 12

Expert Comment

by:dlan75
ID: 20337681
Hi,
Yes the ones I suggested above :

http://force.coresecurity.com/
http://wipfw.sourceforge.net/ (that one is a clone of the freebsd ipfirewall)
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 20345452
Is your web sevice being run using IIS or something different?
0
 

Author Comment

by:dublindavid
ID: 20400809
Its windows server web edition 2003,  IIS
0
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 125 total points
ID: 20406125
Then you have the ability already in IIS to allow access from only selected IP addresses.
I would also disagree with the above comment on MS firewall - it works perfectly well when configured correctly also.
0

Featured Post

Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
Delivering innovative fully-managed cloud services for mission-critical applications requires expertise in multiple areas plus vision and commitment. Meet a few of the people behind the quality services of Concerto.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now