PDA

View Full Version : open ports

corpcomp
I am having some difficulties in getting my WIN2KSP4 stand-
alone server to pass some basic security.

Issue: Ports 1027 & 1029 are being held open by msdtc.exe
& MSTask.exe respectively.

Server Application: Proxy server/firewall, dialup 56K.

I am running WinGate as a proxy/firewall (no comments
please) and yet these 2 ports are being forced open.

No being literate in this area I would like to know if any
one has any ideas as to how to close these ports to the
outside world.

Yes I have tested the system extensively for sasser and
the like. The system appears to be clean. Running
ServerProtect 5.5 (pattern file 885) as an antivirus
solution on this server.

Any comments would be most appreciated.

corpcomp

Robert Moir
You say you don't want comments about your firewall, wingate, but if it
allows ports to be "forced open" against your wishes it is clearly
inadequate for the task at hand.

--
--
Rob Moir, Microsoft MVP for servers & security
Website - http://www.robertmoir.co.uk
Virtual PC 2004 FAQ - http://www.robertmoir.co.uk/win/VirtualPC2004FAQ.html

Kazaa - Software update services for your Viruses and Spyware.

corpcomp wrote:
> I am having some difficulties in getting my WIN2KSP4 stand-
> alone server to pass some basic security.
>
> Issue: Ports 1027 & 1029 are being held open by msdtc.exe
> & MSTask.exe respectively.
>
> Server Application: Proxy server/firewall, dialup 56K.
>
> I am running WinGate as a proxy/firewall (no comments
> please) and yet these 2 ports are being forced open.
>
> No being literate in this area I would like to know if any
> one has any ideas as to how to close these ports to the
> outside world.
>
> Yes I have tested the system extensively for sasser and
> the like. The system appears to be clean. Running
> ServerProtect 5.5 (pattern file 885) as an antivirus
> solution on this server.
>
> Any comments would be most appreciated.
>
> corpcomp


Steven L Umbach
How do you know the ports are open to the outside world? The only real way
to tell is to scan from the outside, even by using one of the self scan
sites if necessary such as http://scan.sygatetech.com/ . If they are open
reconfigure port forwarding or firewall rules to not allow them to be open.
If you are running netsat -an or such and see ports listening or connected,
that does not necessarily mean the firewall will allow connections to
hem. --- Steve



"corpcomp" wrote in message
news:a0b101c43483$510552c0$a601280a@phx.gbl...
> I am having some difficulties in getting my WIN2KSP4 stand-
> alone server to pass some basic security.
>
> Issue: Ports 1027 & 1029 are being held open by msdtc.exe
> & MSTask.exe respectively.
>
> Server Application: Proxy server/firewall, dialup 56K.
>
> I am running WinGate as a proxy/firewall (no comments
> please) and yet these 2 ports are being forced open.
>
> No being literate in this area I would like to know if any
> one has any ideas as to how to close these ports to the
> outside world.
>
> Yes I have tested the system extensively for sasser and
> the like. The system appears to be clean. Running
> ServerProtect 5.5 (pattern file 885) as an antivirus
> solution on this server.
>
> Any comments would be most appreciated.
>
> corpcomp
>