Security Basics mailing list archives
Re: Windows Server 2000 port lock down
From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Sat, 27 Aug 2005 02:32:38 +0200
On 2005-08-26 SandySue () epix net wrote:
Can anyone direct me to a set of windows commands to close ports on a Windows 2000 server (or if necessary, a third party application that can be loaded on a Windows 2000 server to close ports). I'm looking for a solution to close ports that encompasses the least amount of process overhead; the goal is lock down outbound traffic. The solution must work on a 2000 Server.
Disable the services you don't want to provide. Remove services that can't (or must not) be disabled from external interfaces. There is no out-of-the-box solution, because nobody could guess which services you need to provide and which you don't. net help stop sc /? netstat /? http://support.microsoft.com/default.aspx?scid=kb;en-us;832017 http://www.hsc.fr/ressources/breves/min_srv_res_win.en.html http://www.blackviper.com/WIN2K/servicecfg.htm http://www.ntsvcfg.de/ntsvcfg_eng.html (the script could be used as a template) HTH Regards Ansgar Wiechers -- "Another option [for defragmentation] is to back up your important files, erase the hard disk, then reinstall Mac OS X and your backed up files." --http://docs.info.apple.com/article.html?artnum=25668
Current thread:
- Windows Server 2000 port lock down SandySue (Aug 26)
- Re: Windows Server 2000 port lock down Ansgar -59cobalt- Wiechers (Aug 29)
- RE: Windows Server 2000 port lock down Ramki B (Aug 29)
- RE: Windows Server 2000 port lock down Robert McIntyre (Aug 30)
- <Possible follow-ups>
- Re: Windows Server 2000 port lock down firebird (Aug 29)