Firewall Wizards mailing list archives
RE: Windows host-based firewalling feasibility (was terminal services)
From: "Small, Jim" <jim.small () eds com>
Date: Tue, 4 Feb 2003 09:40:22 -0500
There is a great program for mapping all your open ports to Windows processes:

http://www.sysinternals.com/files/tcpview.zip

This program is by noted Windows Expert Mark Russinovich. You don't even have to install it. You just run the program and it maps all your TCP/UDP endpoints to processes in real time. It's freeware and works great.

FYI,
Jim

-----Original Message-----

You know, I think this is more difficult than for border routers. The sheer number of ports and apps/subsystems trying to use a given port on a Win2k box (say, for example, an Exchange Server) is really hard for me to keep track of. I invested a moderate amount of time researching to figure out what the various ports were for, etc. and came nowhere close to getting to the bottom of it, or feeling like I had it under control. Lot of work.

I've done it, and it seems like regularly some component pops out of the woodwork and wants to talk to something on a port I don't recognize. And then, as Steve mentions, you have a self-DOS for as long as it takes for you to amend the (growing) ruleset.

For me, implementing this on anything but a few internet-facing machines ONLY is infeasible. Does anyone do Windows host-based firewalling on the internal LAN or on a larger scale?

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
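The port-to-process mapping discussed in this thread can also be turned into a ruleset audit. The following is an added example, not part of the original post or of TCPView: it parses captured `netstat -ano` and `tasklist /fo csv /nh` output and reports listeners that the host firewall ruleset does not yet cover. The sample output, process names and the `ALLOWED` ruleset are constructed for illustration.

```python
import csv
import io

# Constructed sample of `netstat -ano` output (not taken from the original post).
NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:25             0.0.0.0:0              LISTENING       1820
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       904
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:6001           0.0.0.0:0              LISTENING       2316
  TCP    10.0.0.5:25            10.0.0.77:3921         ESTABLISHED     1820
  UDP    0.0.0.0:161            *:*                                    1404
"""
# Constructed sample of `tasklist /fo csv /nh` output.
TASKLIST = """\
"System","4","Services","0","236 K"
"svchost.exe","904","Services","0","4,120 K"
"inetinfo.exe","1820","Services","0","9,844 K"
"store.exe","2316","Services","0","88,212 K"
"snmp.exe","1404","Services","0","3,020 K"
"""
# Hypothetical ruleset: inbound (protocol, port) pairs the host firewall permits.
ALLOWED = {("TCP", 25), ("TCP", 135), ("TCP", 445)}

def pid_names(tasklist_csv):
    """Map PID -> image name from tasklist CSV output."""
    rows = csv.reader(io.StringIO(tasklist_csv))
    return {int(r[1]): r[0] for r in rows if len(r) > 1}

def listeners(netstat_text):
    """Yield (proto, port, pid) for TCP LISTENING sockets and bound UDP endpoints."""
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) < 4 or f[0] not in ("TCP", "UDP"):
            continue  # header or blank line
        if f[0] == "TCP" and f[3] != "LISTENING":
            continue  # established/closing connections are not listeners
        port = int(f[1].rsplit(":", 1)[1])  # rsplit also copes with [::]:445
        yield f[0], port, int(f[-1])        # PID is always the last column

def unexplained(netstat_text, tasklist_csv, allowed):
    """Return sorted (proto, port, process) for listeners missing from the ruleset."""
    names = pid_names(tasklist_csv)
    return sorted({(proto, port, names.get(pid, "unknown"))
                   for proto, port, pid in listeners(netstat_text)
                   if (proto, port) not in allowed})

if __name__ == "__main__":
    for proto, port, name in unexplained(NETSTAT, TASKLIST, ALLOWED):
        print(f"{proto}/{port} opened by {name} is not in the ruleset")
```

Running this before tightening the ruleset shows which component owns each uncovered port, so the rule can be added or the service disabled deliberately.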