Port Management on W2K Servers

  • Thread starter Thread starter Victor Williams
  • Start date Start date
V

Victor Williams

Can anyone tell me how to manage the ports on my servers?
I would like to shut down certain ports and open others,
but I don't know how. Especially with all the worms out
there.

I don't have them set up with a firewall and they're not
being used as routers.

Any help would be great.

Thanks
 
Ports are "opened" by installing an application/service that uses that port.
Ex. IIS uses port 80 to open port 80 install IIS.
Ports are "closed" by uninstalling the service/application that uses it. Ex.
To close port 80, uninstall IIS.
Ports are "blocked" by configuring a firewall. Ex. IIS installed on an
internal web server. To block Internet access, configure a firewall to block
port 80 from being accessed by the Internet. You can still access internal
web server internally.

hth
DDS W 2k MVP MCSE
 
Through the operating system, ports are open and closed by enabling or
disabling the corresponding service/application. Using netstat -an will
give you an idea what ports are listening or connected. However many of the
necessary ports needed for a functional network are the ones vulnerable to
untrusted networks, such as file and print sharing. The only way to protect
the network is with a firewall or some sort of port filtering [a distant
second alternative]. Every computer should have the minimum services
necessary to be functional. Microsoft Baseline Security Analyzer can help
with that. For instance, every installation of W2K server also has IIS up
and running on it! However do not start disabling services unless you know
which ones should NOT be disabled. As disabling the wrong service can cause
you a lot of grief . Technet Security site will help you lock down your
servers, but you really need a firewall - not on each server, but at least
at the network perimiter. Also read the Windows 2000 Security Hardening
Guide. --- Steve

http://support.microsoft.com/default.aspx?kbid=320454
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/
http://securityadmin.info/faq.asp#harden -- From FAQ.
http://www.eweek.com/article2/0,4149,1239473,00.asp --- Link to Windows
2000 Security HG
 
Back
Top