Firewall Wizards mailing list archives

RE: Hardware vs. Software firewall reliability


From: "Lart" <lart () hacksec org>
Date: Fri, 10 Sep 1999 23:29:25 -0400

: Personally speaking, I love watching NT guys shriek in terror as they watch
: me configure an NT box for use with FireWall-1.

Since I've now received 5 requests for what exactly I do, I thought the
world at large might benefit from this...

First, I'll say that Lance Spitzner has an excellent document on stripping
NT down.  It's at:

http://www.enteract.com/~lspitz/nt.html

Personally, I always use good firewall rulesets that prohibit just about any
kind of direct communication with the NT firewall.  Anyhow, here's how I
start...

1) Install NT Server 4.0 (my cd comes w/SP1 already installed)
2) rename administrator and guest.  Those should be the only 2 accounts on
the box.
3) Install all NICs and drivers.
4) SP 5 - 128 bit
5) Go to control panel, network, services tab.  Remove all the services
there, except SNMP (and only leave SNMP if you want to use the FW-1 system
status viewer).  If you do this, be absolutely sure to change the community
strings.
6) reboot (NT will ask you to).
7) Control Panel, Services.  Disable all unneeded services.  On a firewall
I'm looking at right now, I've got running:

Event Log
Plug and Play
Protected Storage
SNMP

8) Control panel, Devices.  Disable WINS Client.
9) restrict remote registry access
10) install fw-1
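
The service list in step 7 can serve as a baseline to check a box against after patches or software installs. The following is an added example, not part of the original post: it parses `net start` output and reports services outside that baseline, and flags SNMP community names left at a well-known default (step 5). The function names, the sample output, and the community name `fw1-mon` are constructed for illustration; SNMP will show as missing on a box where it was removed.

```python
# Added example: baseline values come from step 7 of the post; the sample
# `net start` output below is constructed for illustration.
ALLOWED_SERVICES = {"Event Log", "Plug and Play", "Protected Storage", "SNMP"}
DEFAULT_COMMUNITIES = {"public", "private"}  # well-known defaults to reject


def parse_net_start(output):
    """Return the service names listed by `net start` (the indented lines)."""
    services = []
    for line in output.splitlines():
        # Service names are indented; the banner and trailer lines are not.
        if line.startswith(" ") and line.strip():
            services.append(line.strip())
    return services


def audit_services(output, allowed=ALLOWED_SERVICES):
    """Compare running services with the baseline.

    Returns (unexpected, missing): services running that are not in the
    baseline, and baseline services that are not running.
    """
    running = set(parse_net_start(output))
    return sorted(running - allowed), sorted(allowed - running)


def weak_communities(names):
    """Return SNMP community names still set to a well-known default."""
    return sorted(n for n in names if n.lower() in DEFAULT_COMMUNITIES)


# Constructed sample: a box where Server and Workstation were re-enabled.
SAMPLE = """These Windows NT services are started:

   Event Log
   Plug and Play
   Protected Storage
   Server
   SNMP
   Workstation

The command completed successfully.
"""

if __name__ == "__main__":
    unexpected, missing = audit_services(SAMPLE)
    print("unexpected:", unexpected)
    print("missing:", missing)
    print("weak communities:", weak_communities(["public", "fw1-mon"]))
```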


