On Mon, 17 Apr 1995, Scott Barman wrote:
> Unfortunatly, one of the systems I have to support is a Windoze/NT
> (allegedly) Advanced Server system (no, I am not an NT or M$ fan and you
> can flame me in private email, if you dare). This box has to be
> accessible to the net along side a Sun box.
> 1) Has anyone done this?
> 2) What are the internet security concerns when it comes to NT?
> 3) They (I take no responsibility for this decision) want this thing
> set up on the "friendly" side of the firewall (friendly in that I
> haven't kicked it in its side, yet! :-). What are the issues in
> setting up a firewall in front of an NT box?
1. Don't use the FTP server unless you really have to. It is kind of
tricky to make it completely secure.
2. Block 137/udp and 139/tcp -- these are the NetBIOS IP ports (file
sharing, printer sharing, etc...).
These are two I can think of off the top of my head. . .
Michael Nelson (mikenel @
com) | Real programmers don't comment their
Rockville, Maryland | code. It was hard to write, it should
BSD/OS and Windows NT Development | be hard to understand.