2 Quick Questions...

I

iphonogasm

Active Member
Joined
Jun 19, 2011
Messages
249
Location
New Zealand
hi, my first quesion.

I have a DMZ to a server running 2008 Enterprise. When i add an exception in windows firewall for the Public profile (i also add it to all profiles) but the port doesnt open when doing a portscan externally.

Secondly...

Any idea if there is/what is the Group Policy to disable saving ALL passwords (VPN, Network Drives, RDP etc etc)

Thanks!!
 
Mhhh but do you have at least the entry in your firewall? I mean, when you click apply, does the rule is registered?

re you sure you don't have another firewall?

Which port are you trying to open? Which port is already opened?



There's only one policy which doesn't permit (to the user) to save password for .NET Passport account. This means you can still save VPNs password and so on if they're not Windows things.
 
Yes the rule created was named "Test" and opened TCP port 1000

The rule is then shown as "Active" and is a Public rule

I no other firewall running. I have a NAT at the router, however this does not apply now that i am using a DMZ

I have 80, 1723, 25, 110, 143, 21, 3389 and a few others, which are open in the firewall. Im just not able to get 1000 open, maybe i need to go higher like 4000?


Thanks for policy reply, that doesnt really matter!

One more thing, how can i block port scanning requests? do i need to block by IP range, and is this possible in Windows Firewall?

Thanks!
 
Well the first 1024 ports are WELL-know, then there're the REGISTERED port (until 49151) so you should use a port in this range: 4915265535

Blocking port scanning is not possible, by default the port is blocked, but you can still be able to scan it...
 
Ok yes, but i should still be able to open these ports right?

I will try 50000 now....

The reason i ask about blocking port scans is,

i just tried a scan on a local hosting company domain and it timed out...

as where i can scan my domain...

Thanks again!

UPDADTE: 50000 still wont open. Restarted and all??
 
Are you sure is not opened? I mean... there's no reason for Win FW to don't open a port ) maybe the executable of the program is blocked... can you provide more details about what are you opening?

Well, many FWs have this possibility, you can "block" a scan from outside, it's like a traceroute, there're firewalls that blocks packets and stop. The same thing happens on port scanning. When you are trying to find an open port (because of you're an attacker or you're testing your OWN security) you can use many programs that have also the settings to wait for the next probe. In other words, if your firwall see that the IP 8.8.8.8 is checking (connection try) on port 443 it can't (it couldn't) block this IP, but if this client in 1-2 seconds try the same thing on different port... well this is a scan )

There're other ways to scan (only with SYN, complete ACK, Christmas Tree, ...) and all of these technics are different and more or less complex. The built in FW in windows doesn't have so many settings to block specific ip on port scan. You should check other products (most of them are appliance...) but trust me, you don't really need this. Where I work right now, something I must go to clients to check network and security. Almost everyone receive a port scan but this is "normal", I mean, you must check if you are under attack, but a port scan could be only a bot which is trying to infect your pc via an open port...
 
Im positive it not openning..

I have just open PORT 50000, public, domain and private.

I check it here, ping.eu - port checker

megahosting.co.nz port 50000

Thanks man!
 
No program as such, im just trying to OPEN the port

Does it require something to be listenning on that port before it will open??

I have simply created a entry in windows firewall for inbound rules, public, profile and domain. And chosen option "Port"

Entered the port and chosen the protocol TCP.

Then check to see if the ports open....

Thanks
 
Well no... but how can you check if the port is opened if there's nothing behind it?

I can disable the firewall in my network, but if I don't have any WEBSERVER (example) if I write http://myhostname.whatever on my browser I simply have nothing!

The port is opened but there's not a service running behind it...
 
Again im stuck with this problem of the ports not openning

I disabled the firewall on my DMZ to see if that works again

Im trying to open 995, 585 and 485 which has services listenning.

Again the ports dont open???

Any other ideas? Im correct when saying windows firewall controls whats ports are open/closed in a server 2008 DMZ correct??

Thanks
 
deano said:
Any other ideas? Im correct when saying windows firewall controls whats ports are open/closed in a server 2008 DMZ correct??
Click to expand...

I don't know... depends on WHICH level do you create your DMZ. Most of the router have the DMZ functionality so Windows doesn't know anything about the DMZ.

At this point I think the problem is with routing and redirection on your router because if you disable the firewall in your DMZ (assasin!) and nothing works... the problem is not your firewall.
 
yea thats what i thought, was looking at a issue with the router. Im having issues with NAT on this router anyway hence the reason im using DMZ..

Thanks!
 
yea ive just restored to default settings, and no luck

so i updated firmware and i am again able to add forward in NAT....

HOWEVER, i cannot add the forward for port 21 FTP, no matter what i name it, i get the error

Add virtual server named FTP failed. Check for duplicate virtual server rules.

WEIRD!!!
 

Similar threads

allheart55 (Cindy E)
7 things you should never do online
Replies
3
Views
1K
starbuck
starbuck
AWS
Announcing Windows 10 Insider Preview Build 17093 for PC
Replies
0
Views
545
AWS
AWS
Tony D
Machine seems sluggish
Replies
15
Views
8K
Tony D
Tony D
Tony D
Hit with web pop-up scam
Replies
13
Views
2K
Tony D
Tony D
AWS
Protecting your digital identity
Replies
0
Views
302
AWS
AWS
Back
Top