Security Basics mailing list archives
RE: Securing a Win2k DNS server outside firewall...
From: "VNV Jeep" <vnvjeep () hotmail com>
Date: Fri, 06 Jun 2003 14:30:41 -0400
Thanks for the message back, Bob...
I'm pretty sure that if you unbind File and Print sharing and client for Microsoft Networks from the network adapter, it will stop responding to RPC requests. If you're only using the boxes for DNS, it shouldn't cause any problems.
Unfortunately that isn't the case. I have everything disabled with the exception if TCP/IP in the nic properties. I had the same thought that you did back when I set these up... no dice.
I was even thinking of disabling the RPC service, but apparently the DNS service relies on it... so I guess I'm forced to keep it running.
Other suggestions I've received (thanks to all who responded sofar): - Block 135 from the router to this particular IP - Use IPsec/GP for 135. - Stick the DNS boxes in a DMZ. Take care, Mike _________________________________________________________________The new MSN 8: advanced junk mail protection and 2 months FREE* http://join.msn.com/?page=features/junkmail
--------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Securing a Win2k DNS server outside firewall... VNV Jeep (Jun 06)
- RE: Securing a Win2k DNS server outside firewall... David Gillett (Jun 06)
- RE: Securing a Win2k DNS server outside firewall... Richard Parry (Jun 06)
- Re: Securing a Win2k DNS server outside firewall... beartman (Jun 06)
- RE: Securing a Win2k DNS server outside firewall... dave (Jun 06)
- <Possible follow-ups>
- RE: Securing a Win2k DNS server outside firewall... Bermingham, Bob (Jun 06)
- RE: Securing a Win2k DNS server outside firewall... VNV Jeep (Jun 06)
- RE: Securing a Win2k DNS server outside firewall... Manuel Fernandes (Jun 09)
- RE: Securing a Win2k DNS server outside firewall... Minneker, Andrew L. (Jun 06)
- RE: Securing a Win2k DNS server outside firewall... Pascal Rossillon (Jun 06)
- RE: Securing a Win2k DNS server outside firewall... VNV Jeep (Jun 06)
- RE: Securing a Win2k DNS server outside firewall... type_o (Jun 09)