How do I Restrict port access to single IP Address

Archived from groups: microsoft.public.windowsxp.security_admin

I want to open, but restrict access to, ports TCP 139 and TCP 445 on a
machine running XP SP2 with windows firewall enabled.

Trouble is I want to open and restrict access of these ports to a single IP
address on the network.

Does anyone know how to achieve this using Exceptions in the windows firewall?

Is it the correct tool to use?

Thanks
  1. Archived from groups: microsoft.public.windowsxp.security_admin

    On the Exceptions page highlight "File and Printer sharing" and
    select Edit. In the "Edit a Service" box highlight the port you
    wish to restrict and select "Change Scope". In the Change Scope
    box select Custom list and enter the IP address.

    --
    Nepatsfan
    "Andrew Wright" <Andrew Wright@discussions.microsoft.com> wrote
    in message
    news:0C8A18F1-50B8-4742-8E62-F556A236821F@microsoft.com...
    >I want to open, but restrict access to, ports TCP 139 and TCP
    >445 on a
    > machine running XP SP2 with windows firewall enabled.
    >
    > Trouble is I want to open and restrict access of these ports to
    > a single IP
    > address on the network.
    >
    > Does anyone know how to achieve this using Exceptions in the
    > windows firewall?
    >
    > Is it the correct tool to use?
    >
    > Thanks
  2. Archived from groups: microsoft.public.windowsxp.security_admin

    Thanks Nepatsfan.

    This works for TCP 139, I can now only see the computer with the rule in its
    firewall from the IP address I specified.

    But for TCP 445 I still seem to be able to ping the machine with the rule in
    its firewall from any other machine on the network. Is this just the way it
    has to be?

    I have checked the ICMP settings on the Advanced tab, and only the 'Allow
    incoming echo request' option is ticked, but it is greyed out presumably
    because of the scope setting against TCP 445 in the exceptions.

    Thanks again!

    "Nepatsfan" wrote:

    > On the Exceptions page highlight "File and Printer sharing" and
    > select Edit. In the "Edit a Service" box highlight the port you
    > wish to restrict and select "Change Scope". In the Change Scope
    > box select Custom list and enter the IP address.
    >
    > --
    > Nepatsfan
    > "Andrew Wright" <Andrew Wright@discussions.microsoft.com> wrote
    > in message
    > news:0C8A18F1-50B8-4742-8E62-F556A236821F@microsoft.com...
    > >I want to open, but restrict access to, ports TCP 139 and TCP
    > >445 on a
    > > machine running XP SP2 with windows firewall enabled.
    > >
    > > Trouble is I want to open and restrict access of these ports to
    > > a single IP
    > > address on the network.
    > >
    > > Does anyone know how to achieve this using Exceptions in the
    > > windows firewall?
    > >
    > > Is it the correct tool to use?
    > >
    > > Thanks
  3. Archived from groups: microsoft.public.windowsxp.security_admin

    From what I can gather the "Allow incoming echo requests" is
    grayed out by default. The only way I know of to change that is
    to disable port 445. Go to the Windows Firewall Exceptions page
    and select "File and Printer Sharing". Uncheck port 445. Click OK
    twice. That should block any ping requests. You should still be
    able to access shared resources from the single IP address
    through port 139.

    Note: When I tested this there was a slight delay between when I
    disabled port 445 and incoming ping requests were blocked. It
    wasn't until the second ping attempt that the message "Request
    timed out" was returned. Further attempts were blocked.

    Keep in mind that Windows Firewall has limitations. It's fine for
    most home users but it lacks a lot of features, the least of
    which is the ability to filter outgoing traffic. If you're
    concerned about security, I'd suggest using a third party
    firewall (e.g. Zone Alarm, Sygate, McAfee Personal Firewall) or a
    router that's capable of filtering port traffic.
    --
    Nepatsfan
    "Andrew Wright" <AndrewWright@discussions.microsoft.com> wrote in
    message
    news:D50E5AF3-A0FC-4539-AB67-013B3A8F4AE9@microsoft.com...
    > Thanks Nepatsfan.
    >
    > This works for TCP 139, I can now only see the computer with
    > the rule in its
    > firewall from the IP address I specified.
    >
    > But for TCP 445 I still seem to be able to ping the machine
    > with the rule in
    > its firewall from any other machine on the network. Is this
    > just the way it
    > has to be?
    >
    > I have checked the ICMP settings on the Advanced tab, and only
    > the 'Allow
    > incoming echo request' option is ticked, but it is greyed out
    > presumably
    > because of the scope setting against TCP 445 in the exceptions.
    >
    > Thanks again!
    >
    > "Nepatsfan" wrote:
    >
    >> On the Exceptions page highlight "File and Printer sharing"
    >> and
    >> select Edit. In the "Edit a Service" box highlight the port
    >> you
    >> wish to restrict and select "Change Scope". In the Change
    >> Scope
    >> box select Custom list and enter the IP address.
    >>
    >> --
    >> Nepatsfan
    >> "Andrew Wright" <Andrew Wright@discussions.microsoft.com>
    >> wrote
    >> in message
    >> news:0C8A18F1-50B8-4742-8E62-F556A236821F@microsoft.com...
    >> >I want to open, but restrict access to, ports TCP 139 and TCP
    >> >445 on a
    >> > machine running XP SP2 with windows firewall enabled.
    >> >
    >> > Trouble is I want to open and restrict access of these ports
    >> > to
    >> > a single IP
    >> > address on the network.
    >> >
    >> > Does anyone know how to achieve this using Exceptions in the
    >> > windows firewall?
    >> >
    >> > Is it the correct tool to use?
    >> >
    >> > Thanks
  4. Archived from groups: microsoft.public.windowsxp.security_admin

    Nepatsfan,

    Thanks for your help in answering my question.


    "Nepatsfan" wrote:

    > From what I can gather the "Allow incoming echo requests" is
    > grayed out by default. The only way I know of to change that is
    > to disable port 445. Go to the Windows Firewall Exceptions page
    > and select "File and Printer Sharing". Uncheck port 445. Click OK
    > twice. That should block any ping requests. You should still be
    > able to access shared resources from the single IP address
    > through port 139.
    >
    > Note: When I tested this there was a slight delay between when I
    > disabled port 445 and incoming ping requests were blocked. It
    > wasn't until the second ping attempt that the message "Request
    > timed out" was returned. Further attempts were blocked.
    >
    > Keep in mind that Windows Firewall has limitations. It's fine for
    > most home users but it lacks a lot of features, the least of
    > which is the ability to filter outgoing traffic. If you're
    > concerned about security, I'd suggest using a third party
    > firewall (e.g. Zone Alarm, Sygate, McAfee Personal Firewall) or a
    > router that's capable of filtering port traffic.
    > --
    > Nepatsfan
    > "Andrew Wright" <AndrewWright@discussions.microsoft.com> wrote in
    > message
    > news:D50E5AF3-A0FC-4539-AB67-013B3A8F4AE9@microsoft.com...
    > > Thanks Nepatsfan.
    > >
    > > This works for TCP 139, I can now only see the computer with
    > > the rule in its
    > > firewall from the IP address I specified.
    > >
    > > But for TCP 445 I still seem to be able to ping the machine
    > > with the rule in
    > > its firewall from any other machine on the network. Is this
    > > just the way it
    > > has to be?
    > >
    > > I have checked the ICMP settings on the Advanced tab, and only
    > > the 'Allow
    > > incoming echo request' option is ticked, but it is greyed out
    > > presumably
    > > because of the scope setting against TCP 445 in the exceptions.
    > >
    > > Thanks again!
    > >
    > > "Nepatsfan" wrote:
    > >
    > >> On the Exceptions page highlight "File and Printer sharing"
    > >> and
    > >> select Edit. In the "Edit a Service" box highlight the port
    > >> you
    > >> wish to restrict and select "Change Scope". In the Change
    > >> Scope
    > >> box select Custom list and enter the IP address.
    > >>
    > >> --
    > >> Nepatsfan
    > >> "Andrew Wright" <Andrew Wright@discussions.microsoft.com>
    > >> wrote
    > >> in message
    > >> news:0C8A18F1-50B8-4742-8E62-F556A236821F@microsoft.com...
    > >> >I want to open, but restrict access to, ports TCP 139 and TCP
    > >> >445 on a
    > >> > machine running XP SP2 with windows firewall enabled.
    > >> >
    > >> > Trouble is I want to open and restrict access of these ports
    > >> > to
    > >> > a single IP
    > >> > address on the network.
    > >> >
    > >> > Does anyone know how to achieve this using Exceptions in the
    > >> > windows firewall?
    > >> >
    > >> > Is it the correct tool to use?
    > >> >
    > >> > Thanks
  5. Archived from groups: microsoft.public.windowsxp.security_admin

    I have XP Home but have turned off XP's firewall because I use ZoneAlarm
    instead.

    How can I do that in ZA? Do I need to do this in ZA?

    Thanks.

    --

    Jeff Stevens
    Email address deliberately false to avoid spam
    jeff@stevens.com


    Nepatsfan wrote:
    > On the Exceptions page highlight "File and Printer sharing" and
    > select Edit. In the "Edit a Service" box highlight the port you
    > wish to restrict and select "Change Scope". In the Change Scope
    > box select Custom list and enter the IP address.
    >
    >> I want to open, but restrict access to, ports TCP 139 and TCP
    >> 445 on a
    >> machine running XP SP2 with windows firewall enabled.
    >>
    >> Trouble is I want to open and restrict access of these ports to
    >> a single IP
    >> address on the network.
    >>
    >> Does anyone know how to achieve this using Exceptions in the
    >> windows firewall?
    >>
    >> Is it the correct tool to use?
    >>
    >> Thanks
  6. Archived from groups: microsoft.public.windowsxp.security_admin

    I don't use Zone Alarm, so I'm unable to give you a direct
    answer. What I would suggest is that you start a new thread with
    all the details concerning what you're trying to accomplish.

    You might also consider posting your question to the forum that
    Zone Labs has set up:

    http://forum.zonelabs.org/zonelabs

    --
    Nepatsfan
    "Jeff" <jeff@phony.com> wrote in message
    news:eTVnkJMLFHA.3832@TK2MSFTNGP12.phx.gbl...
    >I have XP Home but have turned off XP's firewall because I use
    >ZoneAlarm
    > instead.
    >
    > How can I do that in ZA? Do I need to do this in ZA?
    >
    > Thanks.
    >
    > --
    >
    > Jeff Stevens
    > Email address deliberately false to avoid spam
    > jeff@stevens.com
    >
    >
    >
    > Nepatsfan wrote:
    >> On the Exceptions page highlight "File and Printer sharing"
    >> and
    >> select Edit. In the "Edit a Service" box highlight the port
    >> you
    >> wish to restrict and select "Change Scope". In the Change
    >> Scope
    >> box select Custom list and enter the IP address.
    >>
    >>> I want to open, but restrict access to, ports TCP 139 and TCP
    >>> 445 on a
    >>> machine running XP SP2 with windows firewall enabled.
    >>>
    >>> Trouble is I want to open and restrict access of these ports
    >>> to
    >>> a single IP
    >>> address on the network.
    >>>
    >>> Does anyone know how to achieve this using Exceptions in the
    >>> windows firewall?
    >>>
    >>> Is it the correct tool to use?
    >>>
    >>> Thanks
  7. Archived from groups: microsoft.public.windowsxp.security_admin

    OK

    --

    Jeff Stevens
    Email address deliberately false to avoid spam
    jeff@stevens.com


    Nepatsfan wrote:
    > I don't use Zone Alarm, so I'm unable to give you a direct
    > answer. What I would suggest is that you start a new thread with
    > all the details concerning what you're trying to accomplish.
    >
    > You might also consider posting your question to the forum that
    > Zone Labs has set up:
    >
    > http://forum.zonelabs.org/zonelabs
    >
    >> I have XP Home but have turned off XP's firewall because I use
    >> ZoneAlarm
    >> instead.
    >>
    >> How can I do that in ZA? Do I need to do this in ZA?
    >>
    >> Thanks.
    >>
    >> --
    >>
    >> Jeff Stevens
    >> Email address deliberately false to avoid spam
    >> jeff@stevens.com
    >>
    >>
    >>
    >> Nepatsfan wrote:
    >>> On the Exceptions page highlight "File and Printer sharing"
    >>> and
    >>> select Edit. In the "Edit a Service" box highlight the port
    >>> you
    >>> wish to restrict and select "Change Scope". In the Change
    >>> Scope
    >>> box select Custom list and enter the IP address.
    >>>
    >>>> I want to open, but restrict access to, ports TCP 139 and TCP
    >>>> 445 on a
    >>>> machine running XP SP2 with windows firewall enabled.
    >>>>
    >>>> Trouble is I want to open and restrict access of these ports
    >>>> to
    >>>> a single IP
    >>>> address on the network.
    >>>>
    >>>> Does anyone know how to achieve this using Exceptions in the
    >>>> windows firewall?
    >>>>
    >>>> Is it the correct tool to use?
    >>>>
    >>>> Thanks
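
The scope restriction described in the first reply can also be applied from the command line with the `netsh firewall` context that ships with XP SP2. This is an added example, not part of the original thread; the address `192.168.1.10` is a constructed sample value standing in for the single permitted machine.

```bat
@echo off
rem Added example, not from the thread.
rem ALLOWED_IP is a constructed sample value: replace it with the one
rem address that should reach the file shares.
set ALLOWED_IP=192.168.1.10

rem Enable the built-in "File and Printer Sharing" exception
rem (UDP 137, UDP 138, TCP 139, TCP 445) but limit its scope to a
rem custom address list, the command-line form of
rem Exceptions > Edit > Change Scope > Custom list.
netsh firewall set service type=FILEANDPRINT mode=ENABLE scope=CUSTOM addresses=%ALLOWED_IP%
if errorlevel 1 (
    echo Failed to set the File and Printer Sharing scope.
    exit /b 1
)

rem Review the result: each port opening should list the custom scope
rem rather than the whole subnet or any address.
netsh firewall show portopening

rem Check the ICMP settings as well. The thread reports that incoming
rem echo requests stay allowed while TCP 445 is open, so ping replies
rem are not evidence that the share ports are reachable.
netsh firewall show icmpsetting
```

To confirm the restriction, attempt to reach the share from the permitted address and from one other machine on the network; only the first should succeed.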