IP filtering

jason

I have applied filtering to the first NIC interface and
limited this to only port 80. I have no other allowed
ports on TCP, UDP, IP.

But when I do a penetration test on that nic interface it
shows other ports open.

Is this because live connections ignore any filtering you
do?
Is there anything I can do, maybe to the registry, for the
filtering to take effect?

Please advise
 
Hi Jason,

You have to create at least two rules. One will allow all connections to
port 80 and second rule will deny everything else. Is your situation such?

Mike
 
You have to reboot in order for TCP/IP filtering to take effect. You may also want to
look at using IPsec filtering with permit and block filter actions if for some reason
you do not want to or cannot use a firewall. IPsec filtering is built in, can also
control outbound access, and does not require a reboot. The link below explains more
on how to configure it. --- Steve

http://www.securityfocus.com/infocus/1559
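
The permit and block filter actions mentioned in the reply above, sketched with the `netsh ipsec static` context. This is an added example, not part of the original thread; it assumes Windows Server 2003 (where that netsh context is available), and the policy, filter list and rule names are made up for illustration.

```bat
@echo off
rem Added example. Assumption: Windows Server 2003 "netsh ipsec static" context.
rem All names below (WebOnly, Inbound-HTTP, All-Traffic, ...) are hypothetical.

rem 1. Create the policy unassigned, so nothing is enforced while it is half built.
netsh ipsec static add policy name="WebOnly" description="Permit TCP 80 in, block the rest" assign=no

rem 2. Filter list matching inbound TCP to port 80 on this host.
rem    mirrored=yes also matches the replies going back out from port 80.
netsh ipsec static add filterlist name="Inbound-HTTP"
netsh ipsec static add filter filterlist="Inbound-HTTP" srcaddr=any dstaddr=me protocol=TCP srcport=0 dstport=80 mirrored=yes description="HTTP to this host"

rem 3. Filter list matching every other IP packet to or from this host.
rem    Because it is mirrored, outbound connections from the server are blocked too.
netsh ipsec static add filterlist name="All-Traffic"
netsh ipsec static add filter filterlist="All-Traffic" srcaddr=any dstaddr=me protocol=ANY mirrored=yes description="Everything else"

rem 4. The two filter actions: permit and block.
netsh ipsec static add filteraction name="Permit" action=permit
netsh ipsec static add filteraction name="Block" action=block

rem 5. One rule per filter list. IPsec applies the most specific matching filter,
rem    so the port 80 permit wins over the block-all filter whatever the rule order.
netsh ipsec static add rule name="Allow-HTTP" policy="WebOnly" filterlist="Inbound-HTTP" filteraction="Permit"
netsh ipsec static add rule name="Block-Rest" policy="WebOnly" filterlist="All-Traffic" filteraction="Block"

rem 6. Assign the policy; it takes effect without a reboot.
netsh ipsec static set policy name="WebOnly" assign=yes

rem 7. Review what is now in force before re-running the port scan.
netsh ipsec static show policy name="WebOnly" level=verbose
```

Run it from a local console session rather than over the network, since the block rule cuts off every remote connection except port 80 as soon as the policy is assigned.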
 
Thanks, know where to look now
-----Original Message-----
You have to reboot in order for TCP/IP filtering to take effect. You may also want to
look at using IPsec filtering with permit and block filter actions if for some reason
you do not want to or cannot use a firewall. IPsec filtering is built in, can also
 