Hank, You need to ignore the three items under IPSEC and create a new IPSEC filter. (or you could try to modify one of the existing filters.)
Denny At 08:03 PM 12/8/2001 -0800, Hank Lee wrote: >Hi! >Thanks for so many people in this list input. Security >is I concern, but budge is too. This box is for home use >which link to internet 24 hours thr cable modem. >I got individal nic to access my internal boxdx and exteranl >with NAT. I did see some acccess from outside to this box >thr port 135 by w2k network monitor. I saw many articles >talking about the possible virus or dos attack thr this port >on internet. > >I study linux also. It is very easy to block a port in linux >(please no fight for this top, just a personal opinion) >However I use w2k most of time. Thus I look for how >to do the same thing in w2k to protect my property. > >I tried to use IPSEC. There are only three choice >1. Cleint >2. Secure Server >3. Server >I do not what which option REALLY mean, what it try to >protect or perfrom. I do not see there is an option I can >specify blocking port 135 on which IP or which nic. > >Same problem when I try TCP/Ip filter. The apply is for >ALL ADAPTERS > >Before I spend $100 to $400 for a firewall box or a firewall >program, I just hope some one can give me a confirmation >that > >"Blocking a port in w2k with native program is not doable" > >Thanks for every one input. > >Hank Lee > >----- Original Message ----- >From: "Dennis Depp" <[EMAIL PROTECTED]> >To: "NT 2000 Discussions" <[EMAIL PROTECTED]> >Sent: Friday, December 07, 2001 1:24 PM >Subject: Re: how to block port 135 without router or firewall > > >Hank, > >You can do this with IPSEC. IPSEC has packet filtering capabilities that >can be linked to an IP address without utilizing any of the security >features of IPSEC. > >Dennis Depp >Oak Ridge National Lab > >At 12:46 AM 12/7/2001 -0800, Hank Lee wrote: > >1. What OS -... > >it is w2k box. I have checked ip filter but it is for all nics. I am >looking > >for > >certain ip or nic in the box > > > >2. The NSA publishes a ..... > >thank you for the info > > > >3. 135= RP....... > >I already take care of them > > > >4. Look into Tiny Firewal... > >is it possible do it with w2k WITHOUT firewall box? > > > > > >5. You may have better luck starting your search from > >http://www.microsoft.com/security. > > > >7. There are cheap Firewall/Router products for Home use ($150-$400 US). > >I may just clean up my unused pentum box and install linux to do the job. > >My point is > > > >"Is it possible do it within w2k WITHOUT firewall box?" > > > >Cannot believe w2k have no ability to disable and block certain port by > >itself... > > > > > >Thanks > > > >Hank Lee > > > > > > > >------ > >You are subscribed as [EMAIL PROTECTED] > >Archives: http://www.swynk.com/sitesearch/search.asp > >To unsubscribe send a blank email to [EMAIL PROTECTED] > > >------ >You are subscribed as [EMAIL PROTECTED] >Archives: http://www.swynk.com/sitesearch/search.asp >To unsubscribe send a blank email to [EMAIL PROTECTED] > > >------ >You are subscribed as [EMAIL PROTECTED] >Archives: http://www.swynk.com/sitesearch/search.asp >To unsubscribe send a blank email to [EMAIL PROTECTED] ------ You are subscribed as [email protected] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED]
