Mttc said:
My opinion is to isolate one computer that has access to the Internet
from the local network.
Our network does not connect to the Internet, therefore it is more secure. So
I want to reduce the risk of getting viruses and other attacks from this
computer. I think it would be more secure to block this computer's
outbound traffic to the local area by blocking most ports and services, except
some services that I must leave open.
Until now I have used Norton PFW 2003. I permit only outbound port
3389, for TS.
So I want to know where I can find an exact list of the services and ports
for each network service, such as
file sharing and so on.

I think you may be approaching this backwards. You don't need to find out
information for every conceivable port - you need to decide what ports you
want to allow, and deny all others. Inbound, and outbound as well, if you
wish.

What kind of Internet connection do you use? Broadband? Get a perimeter
firewall appliance - do port mapping so that port 3389 (and whatever
additional ports you need - be careful) is forwarded only to the LAN IP of
this workstation if you wish to access Remote Desktop from the Internet.

For outbound traffic, if you get a decent firewall appliance, you can allow
only specific ports, such as 80, 443, 110, etc., if you don't want to allow
all outbound connections by default.

Also, if you wish, enable the XP firewall on all your other XP workstations,
and set exceptions for file & print sharing.

If you have dialup, you really need a software firewall like ZoneAlarm, etc.,
to do what you need, and that can confuse your users as such software tends
to be quite "chatty". If you do have dialup, you could simply not put this
computer on your LAN...

Regardless, get good antivirus software running and keep it updated
regularly. If you have more than a handful of computers, get centrally
managed antivirus so you can control it all from one location.
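
The allow-list approach from the reply above, sketched as an added example that is not part of either post: a first-match rule table with a default deny for traffic leaving the Internet-connected workstation. The LAN subnet, the sample destinations and the names `Rule`, `OUTBOUND_RULES` and `decide` are assumptions made for illustration; the ports are the ones mentioned in the thread.

```python
import ipaddress
from typing import NamedTuple, Optional

# Constructed addressing: the LAN subnet below is an assumption for this example.
LAN = ipaddress.ip_network("192.168.1.0/24")
ANY = ipaddress.ip_network("0.0.0.0/0")

class Rule(NamedTuple):
    action: str                    # "allow" or "deny"
    dest: ipaddress.IPv4Network    # destination network the rule covers
    proto: Optional[str]           # None matches any protocol
    port: Optional[int]            # None matches any port

# Outbound policy for the isolated workstation. First match wins, so the
# LAN-wide deny must come before the Internet rules: ANY also contains the LAN.
OUTBOUND_RULES = [
    Rule("allow", LAN, "tcp", 3389),   # Terminal Services toward the LAN
    Rule("deny", LAN, None, None),     # everything else toward the LAN
    Rule("allow", ANY, "tcp", 80),     # HTTP
    Rule("allow", ANY, "tcp", 443),    # HTTPS
    Rule("allow", ANY, "tcp", 110),    # POP3
]

def decide(dest_ip: str, proto: str, port: int, rules=OUTBOUND_RULES) -> str:
    """Return 'allow' or 'deny' for one outbound connection attempt."""
    addr = ipaddress.ip_address(dest_ip)
    for rule in rules:
        if (addr in rule.dest
                and rule.proto in (None, proto)
                and rule.port in (None, port)):
            return rule.action
    return "deny"  # default deny: ports never listed are blocked without enumeration

if __name__ == "__main__":
    # Constructed sample flows (destination, protocol, port).
    sample_flows = [
        ("192.168.1.10", "tcp", 3389),  # TS to a LAN host
        ("192.168.1.10", "tcp", 445),   # file sharing to a LAN host
        ("192.168.1.10", "udp", 137),   # NetBIOS name service to a LAN host
        ("192.168.1.10", "tcp", 80),    # web port, but toward the LAN
        ("203.0.113.5", "tcp", 443),    # HTTPS to the Internet
        ("203.0.113.5", "tcp", 25),     # SMTP to the Internet, never listed
    ]
    for flow in sample_flows:
        print(flow, "->", decide(*flow))
```

File-sharing traffic to the LAN is denied here without its ports ever appearing in the table, and removing the LAN-wide deny would let port 80 and 443 traffic reach LAN hosts through the Internet rules.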