[ale] Open Source Firewall for Windows 2000/XP?
Jonathan Glass
jonathan.glass at ibb.gatech.edu
Tue Jun 8 09:28:19 EDT 2004
On Tue, 2004-06-08 at 09:19, Geoffrey wrote:
> Jonathan Glass wrote:
> > Let me restate that. The Windows Firewall I mentioned was using IP
> > security policies to restrict all incoming traffic, not IPSEC. I
> > abbreviated improperly.
> >
> > The problem here is that when you are using IP security policies in
> > 2000/XP, despite what policies you set (deny all incoming), the Windows
> > default behavior is to accept all traffic with a source port of
> > 500|88|(others).
> >
> > Sorry for the miscommunication.
>
> Ah, typical M$ solution. Do what we (M$) is right regardless of what
> the user specifies. After all we (M$) know better than the stupid user...
>
> Is it possible to explicitly block these ports, or are they ALWAYS open?
Therein lies the rub. I have gone through my client machines, and
killed these services, and closed the ports, but port scanning the
machines using a source port of 500 still allows me full access to the
boxes. :(
--
Jonathan Glass
Systems Support Specialist II
Institute for Bioengineering & Bioscience
Georgia Institute of Technology
Email: jonathan.glass at ibb.gatech.edu
Office: 404-385-0127
Fax: 404-894-2291
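
Added example, not part of the original post: a log check that flags hosts sending traffic from the source ports named in the thread (500 and 88) to several different destination ports on a protected machine. The log layout, the addresses, the `min_ports` threshold and the `trusted_peers` parameter are assumptions made for illustration.

```python
from collections import defaultdict

# Source ports named in the thread; the "(others)" are not listed there.
EXEMPT_SOURCE_PORTS = {500, 88}

# Constructed sample log (assumed layout): time proto src_ip src_port dst_ip dst_port
SAMPLE_LOG = """\
09:01:12 UDP 192.0.2.10 500 10.0.0.5 500
09:01:13 TCP 192.0.2.77 500 10.0.0.5 445
09:01:13 TCP 192.0.2.77 500 10.0.0.5 139
09:01:14 TCP 192.0.2.77 500 10.0.0.5 3389
09:02:40 TCP 10.0.0.2 88 10.0.0.5 1045
09:03:02 TCP 198.51.100.4 40211 10.0.0.5 80
09:03:30 TCP 192.0.2.77 88 10.0.0.5 135
"""

def parse(line):
    """Return (proto, src_ip, src_port, dst_ip, dst_port), or None if malformed."""
    parts = line.split()
    if len(parts) != 6:
        return None
    _, proto, src_ip, sport, dst_ip, dport = parts
    try:
        return proto, src_ip, int(sport), dst_ip, int(dport)
    except ValueError:
        return None

def find_exempt_port_probes(log_text, min_ports=3, trusted_peers=frozenset()):
    """Map each suspect source IP to the sorted destination ports it reached
    while using one of the exempted source ports."""
    hits = defaultdict(set)
    for line in log_text.splitlines():
        rec = parse(line)
        if rec is None:
            continue
        _, src_ip, sport, _, dport = rec
        if sport not in EXEMPT_SOURCE_PORTS or src_ip in trusted_peers:
            continue
        if dport == sport:
            continue  # e.g. 500 -> 500: consistent with the real service
        hits[src_ip].add(dport)
    # One odd packet is noise; several distinct ports from one host is a pattern.
    return {ip: sorted(p) for ip, p in hits.items() if len(p) >= min_ports}

if __name__ == "__main__":
    for ip, ports in find_exempt_port_probes(SAMPLE_LOG).items():
        print(f"{ip}: exempt-source-port traffic to ports {ports}")
```

Passing known Kerberos or IKE peers in `trusted_peers` keeps their reply traffic out of the report when `min_ports` is lowered.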