Re: Windows Server 2000 port lock down

[Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>]

On 2005-08-26 SandySue () epix net wrote:
> Can anyone direct me to a set of windows commands to close ports on a
> Windows 2000 server (or if necessary, a third party application that
> can be loaded on a Windows 2000 server to close ports).  I'm looking
> for a solution to close ports that encompasses the least amount of
> process overhead;  the goal is lock down outbound traffic.  The
> solution must work on a 2000 Server.

Disable the services you don't want to provide. Remove services that
can't (or must not) be disabled from external interfaces. There is no
out-of-the-box solution, because nobody could guess which services you
need to provide and which you don't.

net help stop
sc /?
netstat /?

http://support.microsoft.com/default.aspx?scid=kb;en-us;832017
http://www.hsc.fr/ressources/breves/min_srv_res_win.en.html
http://www.blackviper.com/WIN2K/servicecfg.htm
http://www.ntsvcfg.de/ntsvcfg_eng.html (the script could be used as a
template)

HTH

Regards
Ansgar Wiechers
-- 
"Another option [for defragmentation] is to back up your important files,
erase the hard disk, then reinstall Mac OS X and your backed up files."
--http://docs.info.apple.com/article.html?artnum=25668