Windows Server - Port Number Security

I have a W2003 server I am trying to block access to on our LAN with a
simple Linksys wired router. I have set up the router to block ports 135-139
(TCP/UDP), 42 UDP, and 443 (TCP/UDP). If a client types \\servername the
lookup fails, but if he types \\server'sipaddress it prompts for login.
Which other port must I block to stop this.?
Thanks
bucrepus

  Dave replied...

personally i block everything, then only open the ports needed for specific
access.

  S. Pidgorny replied...

445/TCP

--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-

* http://sl.mvps.org * http://msmvps.com/blogs/sp *

greatly appreciated. Thanks in advance. Windows Server SBS Discussions ExternalIP (1) Surfboards (1) Actiontec (1) Linksys (1) Webcam (1) Grover (1) Moto (1) DA4B8E8E84DC (1) Thank you for your quick response. I recently installed a Linksys WRT 160N wireless router. That router is connected directly to a switch that is connected Your camera problem probably has something to do with port forwarding configuration on your new Linksys router. I'm guessing the camera access is a web app, and that there were configuration, and all of the ports that were forwarded there can be configured into the Linksys router. There are probably port 25, port 443, port 444, and port 4125 configurations there can remove them from the Comcast Modem / Router, and re-enable the firewall on the Linksys router. You probably really want that Comcast Modem / Router to stop blocking any traffic so that it alll flows smoothly into the Linksys router. Good luck! -e- On Jul 15, 8:32 = A0am, moyondizvo <moyondi. . .@> y ess my idea e. F3 and Simon both raise good points. In particular, DHCP enabled on the Linksys could be a problem, especially if these issues arose around the time you installed it want to see a ping reply you need to turn ON IMCP. (I think the Linksys is default OFF NOW which is good IMO.) Next you should NOT turn off the

so please be kind. Here's what I've got: ISP's modem connects to Linksys router. ISP assigns a DHCP address and DNS servers. Linksys router's LAN address is 192.168.1.1. Linksys router is also serving DHCP for wireless internet access. Server with (2) NIC's. NIC1 have VPN access to the LAN hosted by one of the Win2k3 servers through the linksys router. Each network works fine independent of each other. Thank you in advance. - - Matt Beals Linsys box. Everything else has one nic and sits on the LAN side of the Linksys box. The Linksys box is the only thing running DHCP (from your perspective). The Linksys acts as a DHCP Client on the WAN side toward the ISP, . . there is no configuration for you to do there, . . just leave it. Then the Linksys box acts as a DHCP Server toward your LAN. Leave it at the Defaults, . . .at

Active Directory upgrade from W2000 to W2003 Windows Server I am currently running all my DC with W2000. I want to replace them by new servers running W2003 and therefore need to upgrade my AD to W2003. According to a book and articles I read until now, it seems I have 2 upgrade : upgrade my current DC which holds FSMO roles and is currently running W2000 to W2003, but this is not the best for me as I want to replace my old servers 2) Clean and Pristine migration : create a new domain on a new W2003 server and migrate my resources : a lot of work I was wondering is the following procedure wouldn't upgrade my AD to W2003 too: Introduce a new W2003 member server in the domain, run W2003 forest prep and domain prep, promote the new W2003 server as DC, move the FSMO

consists of about 30 users (PCs) on an internal network which goes out via a linksys router to the internet through a dual T1 (running at 3mb up and down). For in some 'experts', what would they be able to do? My network looks like this: LinkSys Router - -- Switches - -- Workstations and Domain Controller - - Internet - -- -- ADTRAN - -- -- - Switch - -- -- Web / FTP Server - - - -- -- -- -- - Teleconference Equipment Its my plan to place an ISA server in place of the Linksys router on a temporary basis until I find the person responsible. The Web / FTP Server and Teleconference equipment have public IPs so that is why they are not behind the linksys router. I know for sure that the teleconference equipment is not the culprit as it up when running and I know what that is. Also, I know its behind the linksys because when the bandwidth is really bad, I can power cycle the linksys router or just unplug the LAN cable from it for a few moments and then predefined ports so I would need an old style hub in between the switch and linksys router, which I do not have. Back to my last question, what would an 'expert hints" to who it might be, . . .it is not going to announce them. Home user Linksys NAT boxes are not sufficient for businesses. You should have already replaced the Linsys box

So the risk it that the user's own password is displayed to the user? - - Svyatoslav Pidgorny, MS MVP - Security, MCSE - = F1 is the key = - * http: / / sl.mvps.org * http: / / msmvps.com / blogs / sp * Apparently you therefore mustn't be used by acessing supposedly protected, personal information, via ftp or toherwise. - - Svyatoslav Pidgorny, MS MVP - Security, MCSE - = F1 is the key = - * http: / / sl.mvps.org * http: / / msmvps.com / blogs / sp * You did thinking is the only right one. Printing in all capitals doesn't really prove anything. - - Svyatoslav Pidgorny, MS MVP - Security, MCSE - = F1 is the key = - * http: / / sl.mvps.org * http: / / msmvps.com / blogs / sp * I look the limit of my knowledge. I'd love to be educated if the alternative exists. - - Svyatoslav Pidgorny, MS MVP - Security, MCSE - = F1 is the key = - * http: / / sl.mvps.org * http: / / msmvps.com / blogs / sp * OK, to