Well guys, Give you example how simple you can use back Ice Defender Server version. First of all just type netstat -an in dos command prompt and you get all the port listening and by using fport you know which port is which services. such as below:
Pid Process Port Proto Path 416 svchost -> 135 TCP C:\WINNT\system32\svchost.exe 8 System -> 139 TCP 644 javaw -> 777 TCP C:\Program Files\JavaSoft\JRE\1.3.1\bin\ja aw.exe 892 MSTask -> 1026 TCP C:\WINNT\system32\MSTask.exe 8 System -> 1028 TCP 516 svchost -> 3002 TCP C:\WINNT\System32\svchost.exe 516 svchost -> 3003 TCP C:\WINNT\System32\svchost.exe 516 svchost -> 3004 TCP C:\WINNT\System32\svchost.exe 1260 alertsvc -> 3005 TCP C:\PROGRA~1\Navnt\alertsvc.exe 580 mysqld-nt -> 3306 TCP C:\nsh\mysql\bin\mysqld-nt.exe 860 RSCD -> 4750 TCP C:\rsc\RSCD.exe 1612 msmsgs -> 9637 TCP C:\Program Files\Messenger\msmsgs.exe 516 svchost -> 53 UDP C:\WINNT\System32\svchost.exe 416 svchost -> 135 UDP C:\WINNT\system32\svchost.exe 8 System -> 137 UDP 8 System -> 138 UDP 248 lsass -> 500 UDP C:\WINNT\system32\lsass.exe 472 AuditService -> 1025 UDP C:\Program Files\BackLog\AuditService.EXE 236 services -> 1027 UDP C:\WINNT\system32\services.exe 516 svchost -> 3001 UDP C:\WINNT\System32\svchost.exe 1260 alertsvc -> 3006 UDP C:\PROGRA~1\Navnt\alertsvc.exe Compare it to know which service relate to which port and put that thing in black ice server version firewall setting. Simple. Be more cost effective, we have been running Black Ice for 4 years. No problem at tghe moment. It has the capability of block other thing as well. Sincerely Mustapa Khan ----- Original Message ----- From: "Mikael Olsson" <[EMAIL PROTECTED]> To: "Mustapa Khan" <[EMAIL PROTECTED]> Cc: "jacqueline hoe" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Tuesday, April 23, 2002 3:12 PM Subject: Re: cyberwall Plus/Host based Firewall > > > Mustapa Khan wrote: > > > > [black ice defender...] is so cost effective and if anyone tell > > you that it is not good at all, 47 servers in our data center in > > Singapore and Malaysia is using that at the moment. > > Uh, wait. Notepad is also cost effective. All of our NT servers > have it. When did this ever become a valid argument in and of itself > in a security-related debate? > > (Note that I'm NOT saying "Black Ice Defender sucks". I don't know > enough about it to say that, or the opposite, for that matter. I'm > just saying that this argument alone is worth _very_ little to me.) > > Regards, > /Mikael Olsson > > -- > Mikael Olsson, Clavister AB > Storgatan 12, Box 393, SE-891 28 �RNSK�LDSVIK, Sweden > Phone: +46 (0)660 29 92 00 Mobile: +46 (0)70 26 222 05 > Fax: +46 (0)660 122 50 WWW: http://www.clavister.com > > "Senex semper diu dormit" > _______________________________________________ > Firewalls mailing list > [EMAIL PROTECTED] > For Account Management (unsubscribe, get/change password, etc) Please go to: > http://lists.gnac.net/mailman/listinfo/firewalls > _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] For Account Management (unsubscribe, get/change password, etc) Please go to: http://lists.gnac.net/mailman/listinfo/firewalls
