• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Blocking port 0

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2000 Firewall] >> Firewall Client >> Blocking port 0 Page: [1]
Login
Message << Older Topic   Newer Topic >>
Blocking port 0 - 25.Nov.2003 12:15:00 PM   
pcaccess

 

Posts: 3
Joined: 25.Nov.2003
From: Cheltenham, UK
Status: offline
I am trying to block incoming requests to port zero but with little success. I tried creating a custom TCP filter for local port 0 but that seems to block *all* traffic.

I am running ISA Server SP1 on W2K SP4

Any ideas?

Regards
Tony Taylor
Post #: 1
RE: Blocking port 0 - 29.Nov.2003 8:51:00 PM   
ptwilliams

 

Posts: 277
Joined: 3.Nov.2003
From: South Wales, UK
Status: offline
Could be way off the mark here, but I assumed 0 means 'any' or 'all'.

Which kind of makes sense based on what you're saying...

Paul.

(in reply to pcaccess)
Post #: 2
RE: Blocking port 0 - 1.Dec.2003 10:05:00 AM   
pcaccess

 

Posts: 3
Joined: 25.Nov.2003
From: Cheltenham, UK
Status: offline
Neither, I'm afraid. I actually *meant* port 0. Although programming interfaces like SOCKETs cannot connect to this port and use the zero value to indicate "any" you can use various RAW socket librarys to probe machines on this port (apprently). Check out the "Shields Up" firewall tester at http://grc.com.

I thought my configuration of ISA server was OK but a "port 0" probe has been added to the tests at "Shields Up" recently and my server is now detectable on port zero and annoyingly I have not been able to reconfigure my ISA Server machine without blocking all traffic.

(in reply to pcaccess)
Post #: 3
RE: Blocking port 0 - 1.Dec.2003 10:27:00 AM   
ptwilliams

 

Posts: 277
Joined: 3.Nov.2003
From: South Wales, UK
Status: offline
grc.com's a good site -but I haven't run my ISA against it...will do now. I'll have a look for some info. re port 0 as well.

(in reply to pcaccess)
Post #: 4
RE: Blocking port 0 - 1.Dec.2003 11:30:00 AM   
pcaccess

 

Posts: 3
Joined: 25.Nov.2003
From: Cheltenham, UK
Status: offline
Thanks.

PS
Apoligies to the moderator, as, on reflection, my original post should have been in the "General" section rather than in "Firewall Client"

(in reply to pcaccess)
Post #: 5
RE: Blocking port 0 - 10.Dec.2003 9:12:00 PM   
Cl33nSw33p

 

Posts: 14
Joined: 5.Nov.2003
From: Virginia Beach
Status: offline
Port zero is used by microsoft as there big brother port. After doing some research I have not found any way to block this port. When a new OS is installed you will see heavy Port 0 activity for a short period of time. Then all traffic on port 0 should stop. I have discussed this with many of my colleages in the IT security industry. They all tell me the same thing. To there knowledge there is no way to block it. I am not convinced that they are correct, but since I work for a gov agency I will have to accept there response at this time. If anyone else has any further info please let the rest of us know. I would really like to make the most secure firewall possible, while still having functionality.

(in reply to pcaccess)
Post #: 6

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2000 Firewall] >> Firewall Client >> Blocking port 0 Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts