A Windows XP help forum. PCbanter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » PCbanter forum » Microsoft Windows XP » Security and Administration with Windows XP
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

Block outsiders from accessing port 80.



 
 
Thread Tools Display Modes
  #1  
Old June 3rd 04, 05:47 AM
bonset
external usenet poster
 
Posts: n/a
Default Block outsiders from accessing port 80.

Hello all

I have installed IIS 5.1 and I want to block everybody that does not belong to my domain to access my web sites. Unfortunately the organization I am working for does not have a central firewall solution so I am almost completely exposed. I have installed a
ll latest updates and I am using Symantec Antivirus Corporate Edition 8.1.

To block everybody from outside I stopped Anonymous Access to my web sites (IIS default site properties-Directory Security- Clear check-box Anonymous access) and I checked only Integrated Windows authentication.

I watch the IIS log everyday and I see foreign addresses trying to access my port 80 in bizarre ways e.g.:
- 80 HEAD /MSADC/root.exe /c+dir+c:\ 401 5 194 130 0 HTTP/1.0
- 80 HEAD /_vti_bin/..%5c..%5c..%5c..%5c..%5c../winnt/system32/cmd.exe /c+dir+c:\ 401
- 80 SEARCH / ± ± ± ±  (many or them) - 401 5 4644 67022 78 HTTP/1.1

I hope that as long as these requests get a 401 answer they are blocked. Still I am very worried about this and I don’t know how to stop this situation.

I am quite new at this and my Internet Connection Firewall is not enabled because I access a lot of things on my file servers and I don’t want that to be stopped.

Could somebody help me with this?

Thank you all for your time.

PS: could you please suggest links for reading about controlling ports on XP Pro

Ads
  #2  
Old June 6th 04, 06:45 AM
Steve Riley [MSFT]
external usenet poster
 
Posts: n/a
Default Block outsiders from accessing port 80.

Hang on, hope you'll still read this thread.

Help me understand the situation better. In your original post you said you
"want to block everybody that does not belong to my domain to access my web
sites." Is this server exposed to the Internet? Or is it accessible only
from an internal network?

Putting a firewall in front of the computer isn't necessarily the correct
thing to do, but it's practially impossible to give you good advice without
understanding better what your network is like, where the server is located
network-wise, and so on. Can you supply some more details?

--
Steve




"bonset" wrote in message
...
Thank you both for your suggestions. I understand how crucial this is...
and you are right. I'll change my priorities!

Thank you again for your time and effort.



  #3  
Old June 16th 04, 04:42 PM
bonset
external usenet poster
 
Posts: n/a
Default Block outsiders from accessing port 80.

Hello Steve,

Sorry for not answering sooner but I entered the forum again just today.

So, the situation is quite simple, I have this workstation (XP Pro SP1) with its IIS that is exposed to the Internet as every other workstation in my LAN (static IPs and some coverage from a "well configured rooter" that is out in my reach).

I want to lock down port 80 so that users outside my domain will not be able reach my IIS at all (as if it was behind a firewall solution).

I have already blocked anonymous access as I described in my original message, and it seems it is working… still I see some very annoying hits in the IIS log from people trying to access system files (see my original message).

Hope you are going to see this!

Thank you in advance for your time.


"Steve Riley [MSFT]" wrote:

Hang on, hope you'll still read this thread.

Help me understand the situation better. In your original post you said you
"want to block everybody that does not belong to my domain to access my web
sites." Is this server exposed to the Internet? Or is it accessible only
from an internal network?

Putting a firewall in front of the computer isn't necessarily the correct
thing to do, but it's practially impossible to give you good advice without
understanding better what your network is like, where the server is located
network-wise, and so on. Can you supply some more details?

--
Steve




"bonset" wrote in message
...
Thank you both for your suggestions. I understand how crucial this is...
and you are right. I'll change my priorities!

Thank you again for your time and effort.




 




Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off






All times are GMT +1. The time now is 02:36 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright 2004-2024 PCbanter.
The comments are property of their posters.