Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

blocking ports in NT4

Status
Not open for further replies.
cookie101

cookie101

IS-IT--Management
Joined
Mar 29, 2004
Messages
23
Location
US
I'm trying to block specific ports (135, 139, etc) on an NT4 embedded system. Microsoft is not helpful and IPSec isn't installed on the NT4.

Does anyone have any ideas on how to do this?

Thanks!
Garrett Carter
CCNA, A+
 
Sort by date Sort by votes
These ports are used by MS networking, best to block at the switch or firewall.
 
Upvote 0 Downvote
The best way is to block all ports and only open the ones that are needed.

As oisnds said use a firewall either software or hardware. If you don't have a hardware software there is some quite good free software ones out there.
 
Upvote 0 Downvote
If you really want to do this on NT, you can go into the Advanced properties for the IP protocol and under the options tab there is a setting for TCP/IP filtering. From here you can select the ports you want to enable/disable.
 
Upvote 0 Downvote
All these suggestions are great, but it's not an option. The NT machine is directly connected via dail-up and we don't want to place it behind a firewall. Is there any other way to block ports that are not needed?

Also, we're using ports 1024 through 5000 and don't want to "open" all of these individually.
 
Upvote 0 Downvote
Have you thought about installing a host based firewall on the box like ZoneAlarm or BlackIce
 
Upvote 0 Downvote
This is the second time I've seen it posted that you can do this on the Advanced tab of TCP/IP properties and as far as I know it just ain't true. If it really is someone please let me know.

As far as I know there is no way to do this without an add on like those that have been mentioned.

I don't understand the don't want it behind firewall part though. What difference if the firewall blocks certain ports or you block them some other way?
 
Upvote 0 Downvote
I agree that putting this behind a firewall is the best solution, but we don't want the cost and since it's embedded, there is no user to say "yes" or "no" to settings, Zone Alarm and BlackICE are not good solutions. My customers don't want to (don't need to) pay for something they don't need. The firewall is extra expense, we're only communicating between us and it on specific ports (1000 - 5000). A firewall is just out of the question.

However, we have seen in the Advanced properties that you can allow specific ports. We've done this, but it only seems to work on the NIC, the MODEM isn't listed on the devices. Seems odd.

Anyway, the best solution is something I can't do. Any suggestions?
 
Upvote 0 Downvote
You only need one firewall since if i understand your setup correctly. Everyone that get out on the net goes through the NT box.?

So all you need is a firewall configured on one machine block all ports then open the ones you need.

If you already using some kind of router it might have built-in firewall.

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

ravalos
  • Locked
  • Question Question
Problem with PDFs in IIS
Replies
1
Views
2K
gbaughma
gbaughma
Aquiles Vidal
  • Locked
  • Question Question
Web Browsers in Windows Server or Terminal Server
Replies
0
Views
909
Aquiles Vidal
Aquiles Vidal
nukeinfer
  • Locked
  • Question Question
Internet restrictions for isolated PCs in the Network
Replies
1
Views
891
mangentle
mangentle
antonio_dsanchez
  • Locked
  • Question Question
post-installation WSUS windows server 2016
Replies
0
Views
743
antonio_dsanchez
antonio_dsanchez
goombawaho
  • Locked
  • Question Question
Server 2012 Essenitals Installation Media
Replies
1
Views
379
goombawaho
goombawaho

Part and Inventory Search

Sponsor

Back
Top