Hi there, I suggest using Win2k IPSEC policies to protect your server.
One can define very complex rules on any interface with source, destination and service. One can even create groups\object and apply to a service with permit\deny\encrypt Its perfect if one has remote servers with no other protection. I usually block all ports and only explicity permit the required ports. You can create the other rules for TS and netbios traffic etc. You can also expory the policy so you can apply them on other hosts. The peformance penalty is neglabile and changes can be made on the fly with no reboots. It's at Administrative tools, Local Security Policy Have fun. Eric Appelboom Message: 2 From: "Prathabacimman.M" <[EMAIL PROTECTED]> To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]> Subject: Re: Win2kAdvance Server Date: Mon, 28 Jan 2002 17:00:11 +0530 Date: Fri, 25 Jan 2002 12:44:48 +0100 From: Sascha Andres <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: Re: Win2kAdvance Server hi, On Wed, Jan 23, 2002 at 05:06:38AM +0800, Rodel P Hipolito wrote: Does windows 2k advance server has a built in firewall? or can modify its registry so that it would act as a firewall? no, but ... if you go to the properties of your network card -> properties of tcp/ip -> advanced -> options -> properties of tcp/ip filtering you may enable or disable filtering and set the allowed prts for tcp, udp and the allowed ip protocols. but in fact that's not a firewall. ciao sascha Eric Appelboom Information Security *** Disclaimer: The information in this email is confidential and is intended solely for the addressee(s). Access to this email by anyone else is unauthorised. If you are not an intended recipient, you must not read, forward, print, use or disseminate the information contained in the email. Any representations (contractual or otherwise), views or opinions presented are solely those of the author and do not necessarily represent those of the employer or any of its affiliates. _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
