• Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint

Port Restrictions

Earlier in the chapter, we discussed the possible threats that open ports pose to the security of the system. When an attacker has the ability to contact an open port, he can launch an attack against the system if a known vulnerability exists. Because your home system is not behind a corporate firewall, you need some protection against attackers looking for open ports. Chapter 11 discusses third-party personal firewalls available to the home user; even without a third-party package, however, Windows 2000 comes with some built-in port filtering capability.

You can find a list of open ports on your local system at %systemroot%\drivers\etc\services. Port restrictions can be implemented using the TCP/IP Security console located in the TCP/IP properties. Select Start, Settings, Control Panel, Network and Dial Up Connections, Local Area Connection, Internet Protocol (TCP/IP). Click the Properties button, and then click the Advanced button. On the Options tab, choose TCP/IP filtering. You see the dialog box shown in Figure 10.33. To allow only TCP and ICMP connections, configure the UDP Ports and IP Protocols to Permit Only and leave the IP Protocols box blank.


PREVIEW

                                                                          

Not a subscriber?

Start A Free Trial


  
  • Creative Edge
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint