how to close particular ports in XP's ICF firewall?


cato
December 17th 03, 09:45 PM
Nice advice Bruce,
To close particular ports. Quite generic. The real question is how?

In XP there is one TCP/IP port handling menu, but it permits only either
all ports open or a list of all permitted ones. Seemingly there is no way to
assign those ports I want to close. The catch is to know all the ports
required from the 60 thousand or so possibilities and declare them one by
one. Instead of the logical inverse, list only the bad guys.

There is a text file with services and ports in the same directory as the
hosts file. Is it active? But anyway it looks like only a small percentage
of all services are listed in it.

Is there any workaround in XP Pro to close a port or make it stealth?
Presently it looks like dark science :-)

One of the most important ports to close seems to be the ping port, which
responds to hackers' automatically generated scans if open.

"Bruce Chambers" > wrote in message
...
> Greetings --
>
> If your IT guys don't already know how to do this, you'd better
> think about hiring someone who at least knows the basics of network
> security.
>
> Use the firewall to ensure UDP ports 135, 137, and 138 and TCP
> ports 135, 139, and 445 are _all_ blocked. You may also disable
> Inbound NetBIOS (NetBIOS over TCP/IP). You'll have to follow the
> instructions from the firewall's manufacturer for the specific steps.
>
>
> Bruce Chambers
>
> --
> Help us help you:
> http://dts-l.org/goodpost.htm
> http://www.catb.org/~esr/faqs/smart-questions.html
>
> You can have peace. Or you can have freedom. Don't ever count on
> having both at once. -- RAH
>
>
> "John" > wrote in message
> ...
> > Hello,
> >
> > Is there a way to prevent the annoying gray popups at the router? Our IT
> > people use the net send command to notify that a server is being rebooted
> > etc... We have a Cisco router; is there a port we can close for these pop-ups?
> > Thanks in advance.
> >
> > John
> >
> >
>
>

Bruce Chambers
December 17th 03, 09:48 PM
Greetings --

As I said, your IT folks should already know how to do this if
they're qualified for their jobs. Because you didn't specify exactly
what firewall or proxy server applications your IT department has in
place to protect your LAN, all anyone _can_ provide is "generic"
advice -- the specific "hows" depend entirely upon the applications
being used.

I don't understand why you've raised the issue of WinXP's built-in
firewall. The WinXP firewall is not designed for use on a LAN, at
all. It's intended for stand-alone PCs that connect directly to the
Internet. Because of this, it's also not very configurable. By
default, most ports are closed, and only those used by known,
installed applications are opened.

Bruce Chambers


cato
December 17th 03, 09:49 PM
Beating around the bush again. Evidently a stand-alone computer is the
question, as most PC owners have no IT department behind them, neither
have they big multilayer networks. True understatement, XP's built-in
firewall is not flexible.

For that reason, to imply that it closes all ports from harmful activity on
the net is the opposite end, a gross overstatement. Tests did show
vulnerabilities. Ports are not stealth, sometimes wide open. That is why
closing certain ports is necessary. Closing unused services is highly
advisable too, etc., etc., millions of pieces of good advice.

But nobody responds how to do that, just beating around the bush, to remain
diplomatic.



John
December 17th 03, 09:58 PM
Bruce,

Currently we don't have a firewall. We have been using the NAT off of
the Cisco router to block most of the issues, and have been successful for
the most part. We never got the Blaster or any of the other worms that have
been plaguing the internet. However, I am a peon in the IT department (there
are only 3 of us, mostly inexperienced in the network area; other guy got the
boot!!!). Does anyone have a suggestion on a good firewall? Someone told me
Zone Alarms but I defer it to you guys. We have 25 computers here behind the
Cisco router using NAT. What should we change as far as the LAN? Should we
have a gateway with the firewall on it? I appreciate your patience and
suggestions.

John


Bruce Chambers
December 17th 03, 10:13 PM
Greetings --

Ideally, a single computer should be acting as your proxy server
and firewall, providing Internet access for the rest of the network.
This gives you one machine to configure and monitor, rather than 25.
If that's not within your budget, the Cisco router with NAT is better
than nothing, but you still need firewall protection on each internal
workstation to guard against unauthorized outbound traffic.

ZoneAlarm, Kerio, or Sygate are all much better, and there are
free versions available. Personally, I've been very happy with
Symantec's Norton Internet Security 2002 (NIS 2004 is now available),
which includes Norton AntiVirus, Norton Personal Firewall, parental
controls, privacy controls, and ad blocking.


Bruce Chambers

