[windows2000] Re: IPSec

  • From: Jim Kenzig <jimkenz@xxxxxxxxxxxxxx>
  • To: windows2000@xxxxxxxxxxxxx
  • Date: Mon, 16 Dec 2002 11:54:26 -0500

Yeah but you need a true firewall to do that. IP Filtering in W2k afaik only
lets you to either only permit or only deny the specified ports not to or
from access to individual IP addresses for specific ports.
JK

-----Original Message-----
From: windows2000-bounce@xxxxxxxxxxxxx
[mailto:windows2000-bounce@xxxxxxxxxxxxx]On Behalf Of Rob Combis
Sent: Monday, December 16, 2002 11:41 AM
To: windows2000@xxxxxxxxxxxxx
Subject: [windows2000] Re: IPSec



I would think that you should allow 3389, 21 and 80 only from your IP =
address,  then deny everything else but port 80 (and SMTP or SSL if =
needed) for all other IPs.  Also allow all outbound connections.  This =
is similar to what I do at our remote hosting location.  It is easier to =
do with a hardware firewall but works fine with this kind of filtering.

-----Original Message-----
From: Jim Kenzig [mailto:jimkenz@xxxxxxxxxxxxxx]
Sent: Monday, December 16, 2002 11:36 AM
To: windows2000@xxxxxxxxxxxxx
Subject: [windows2000] Re: IPSec



Then you'd have to open port 21 also.  I permit only TCP Ports 21, 25, =
80
and 3389 since I use no SSL on mine.
I make sure that all login (both successful and denied) are logged in my
event log and monitor them from day to day to make sure no one is trying =
to
FTP or TS into my server unauthorized.=20
JK

-----Original Message-----
From: windows2000-bounce@xxxxxxxxxxxxx
[mailto:windows2000-bounce@xxxxxxxxxxxxx]On Behalf Of Rob Combis
Sent: Monday, December 16, 2002 11:28 AM
To: windows2000@xxxxxxxxxxxxx
Subject: [windows2000] Re: IPSec



Ray-
Yes, that is what you want to do.
(ssl port=3D3D443)

However I would use FTP to upload files, not Windows file/print sharing.
Rob

==================================
To Unsubscribe, set digest or vacation
mode or view archives use the below link.

http://thethin.net/win2000list.cfm

Other related posts: