• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Firewall / Port blocker

S

speed01

Golden Member
I need a firewall and/or a port blocker (preferably free) that will work on w2k advanced server running ICS and dual processors, any suggestions? I know Zone Alarm Pro would do the trick but current situations preclude buying it. Any help would be greatly appreciated.
 
Use the built in IP filtering on W2k advanced server. Register your product and check MS knowledge base🙂
 
I'm more concerned with closing or hiding the open ports than I am with the IP's. Once I get them closed, I'll concentrate on determing which addresses to allow and which not to. Right now I have NetCommando running to close a few, but there are still a whole lot more listening that I want closed(ie. 139, 21 ect.).
 
If you are worried about NetBIOS and/or web services, make sure that you have disabled NetBIOS over TCP/IP in your NIC settings or make sure that the service is either not installed or not started. The IP Filtering in RRAS will filter out any Inbound traffic that you do not or do want to accept. You are probably not going to find a good and reliable free firewall software. I would just go out an spend the $40 or $50 for a cheap personal firewall software.

BTW, how many users does this need to support?
 
It only needs to support a home LAN for the time being(test bed). I have to keep NETBIOS enabled for file and print sharing. The user machines are pretty secure, they are anonymous and behind a software firewall, but that isn't helping the server. The LAN doesn't have anything really important on it, but because it's there, it gets hit a lot (and being password protected seems to make it a bigger target). When I had a single cpu server, I could monitor and trace errant pings and scans and so forth (that's how I know it get's hit alot) but the daul cpu's and upgrade to Win2k Advanced Server changed all that. Now I'm finding errant .pwl's on it (not a good thing to find). Being the extremely paranoid individual I am, I would like to be sure the LAN is secure, and still retain complete freedom when using the internet. RRAS tends to let the modem answer which I don't want so it isn't enabled (it's dial-up, cable and such aren't available in the area). As you can see, it's a rather complicated situation to figure out.
 
I realize that, but you can disable NetBIOS on one of the NIC's. Right-click on My Network PLaces and select Properties. Click on the Advanced menu selection, and select Advanced Settings. There you will be able to remove the bindings of the Microsoft Networking on the public NIC.

But, as far as a good firewall, I would look at BlackICE from NetworkICE. I have had no problems from it and it captures enough information on the possible attack that I can find out who it might be. I can also see what port they are trying to access, and how many times. BlackICE will also tell me what type of attack it is, if the attack is a well known attack.
 
The 2 most popular free ones are

1. Zonealarm
2. Tiny Personal Firewall (don't think it supports ICS)

They both work on 98,Me,NT,and 2000.

Black Ice has a free 30 day trial.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top