Posts: 3
Joined: 25.Nov.2003
From: Cheltenham, UK
Status: offline
I am trying to block incoming requests to port zero but with little success. I tried creating a custom TCP filter for local port 0 but that seems to block *all* traffic.
Posts: 3
Joined: 25.Nov.2003
From: Cheltenham, UK
Status: offline
Neither, I'm afraid. I actually *meant* port 0. Although programming interfaces like SOCKETs cannot connect to this port and use the zero value to indicate "any", you can use various RAW socket libraries to probe machines on this port (apparently). Check out the "Shields Up" firewall tester at http://grc.com.
I thought my configuration of ISA server was OK but a "port 0" probe has been added to the tests at "Shields Up" recently and my server is now detectable on port zero and annoyingly I have not been able to reconfigure my ISA Server machine without blocking all traffic.
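To see whether port 0 probes like the one described above actually reach an interface, captured packets can be checked for a zero port field. The following is an added example, not part of the original posts: a Python check for IPv4 TCP/UDP packets whose source or destination port is 0. The function names and sample packets are constructed for illustration.

```python
import struct

TCP, UDP = 6, 17  # IANA protocol numbers

def port_zero_fields(packet: bytes) -> list:
    """Return which port fields ('src', 'dst') are 0 in a raw IPv4 TCP/UDP packet."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return []                      # too short or not IPv4
    ihl = (packet[0] & 0x0F) * 4       # header length in bytes, options included
    if ihl < 20 or len(packet) < ihl + 4:
        return []                      # malformed or truncated before the ports
    if packet[9] not in (TCP, UDP):
        return []                      # other protocols have no port fields
    if struct.unpack("!H", packet[6:8])[0] & 0x1FFF:
        return []                      # later fragments carry no transport header
    src, dst = struct.unpack("!HH", packet[ihl:ihl + 4])
    return [name for name, port in (("src", src), ("dst", dst)) if port == 0]

def build_sample(proto: int, src_port: int, dst_port: int, options: bytes = b"") -> bytes:
    """Constructed test packet: IPv4 header (checksum left at 0) plus a minimal payload."""
    ihl_words = 5 + len(options) // 4
    transport = struct.pack("!HH", src_port, dst_port) + bytes(16)
    total_len = ihl_words * 4 + len(transport)
    header = struct.pack("!BBHHHBBH4s4s", 0x40 | ihl_words, 0, total_len, 0, 0,
                         64, proto, 0,
                         bytes([192, 0, 2, 10]),     # documentation address (constructed)
                         bytes([198, 51, 100, 7]))   # documentation address (constructed)
    return header + options + transport

# Constructed samples: (label, packet)
SAMPLES = [
    ("tcp probe to port 0", build_sample(TCP, 40000, 0)),
    ("tcp from port 0", build_sample(TCP, 0, 80)),
    ("normal https", build_sample(TCP, 40000, 443)),
    ("udp 0->0 with IP options", build_sample(UDP, 0, 0, b"\x01\x01\x01\x01")),
    ("icmp", build_sample(1, 0, 0)),
]

if __name__ == "__main__":
    for label, pkt in SAMPLES:
        print(f"{label:28s} port-0 fields: {port_zero_fields(pkt)}")
```
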
Posts: 14
Joined: 5.Nov.2003
From: Virginia Beach
Status: offline
Port zero is used by Microsoft as their big brother port. After doing some research I have not found any way to block this port. When a new OS is installed you will see heavy Port 0 activity for a short period of time. Then all traffic on port 0 should stop. I have discussed this with many of my colleagues in the IT security industry. They all tell me the same thing. To their knowledge there is no way to block it. I am not convinced that they are correct, but since I work for a gov agency I will have to accept their response at this time. If anyone else has any further info please let the rest of us know. I would really like to make the most secure firewall possible, while still having functionality.