
How do I Restrict port access to single IP Address

Anonymous
February 10, 2005 5:29:02 AM

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

I want to open, but restrict access to, ports TCP 139 and TCP 445 on a
machine running XP SP2 with windows firewall enabled.

Trouble is I want to open and restrict access of these ports to a single IP
address on the network.

Does anyone know how to achieve this using Exceptions in the windows firewall?

Is it the correct tool to use?

Thanks
Anonymous
February 10, 2005 7:35:55 PM

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

On the Exceptions page highlight "File and Printer sharing" and
select Edit. In the "Edit a Service" box highlight the port you
wish to restrict and select "Change Scope". In the Change Scope
box select Custom list and enter the IP address.

--
Nepatsfan
"Andrew Wright" <Andrew Wright@discussions.microsoft.com> wrote
in message
news:0C8A18F1-50B8-4742-8E62-F556A236821F@microsoft.com...
>I want to open, but restrict access to, ports TCP 139 and TCP
>445 on a
> machine running XP SP2 with windows firewall enabled.
>
> Trouble is I want to open and restrict access of these ports to
> a single IP
> address on the network.
>
> Does anyone know how to achieve this using Exceptions in the
> windows firewall?
>
> Is it the correct tool to use?
>
> Thanks
Anonymous
February 11, 2005 6:35:03 AM

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

Thanks Nepatsfan.

This works for TCP 139, I can now only see the computer with the rule in its
firewall from the IP address I specified.

But for TCP 445 I still seem to be able to ping the machine with the rule in
its firewall from any other machine on the network. Is this just the way it
has to be?

I have checked the ICMP settings on the Advanced tab, and only the 'Allow
incoming echo request' option is ticked, but it is greyed out presumably
because of the scope setting against TCP 445 in the exceptions.

Thanks again!

"Nepatsfan" wrote:

> On the Exceptions page highlight "File and Printer sharing" and
> select Edit. In the "Edit a Service" box highlight the port you
> wish to restrict and select "Change Scope". In the Change Scope
> box select Custom list and enter the IP address.
>
> --
> Nepatsfan
> "Andrew Wright" <Andrew Wright@discussions.microsoft.com> wrote
> in message
> news:0C8A18F1-50B8-4742-8E62-F556A236821F@microsoft.com...
> >I want to open, but restrict access to, ports TCP 139 and TCP
> >445 on a
> > machine running XP SP2 with windows firewall enabled.
> >
> > Trouble is I want to open and restrict access of these ports to
> > a single IP
> > address on the network.
> >
> > Does anyone know how to achieve this using Exceptions in the
> > windows firewall?
> >
> > Is it the correct tool to use?
> >
> > Thanks
Anonymous
February 11, 2005 6:04:53 PM

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

From what I can gather the "Allow incoming echo requests" is
grayed out by default. The only way I know of to change that is
to disable port 445. Go to the Windows Firewall Exceptions page
and select "File and Printer Sharing". Uncheck port 445. Click OK
twice. That should block any ping requests. You should still be
able to access shared resources from the single IP address
through port 139.

Note: When I tested this there was a slight delay between when I
disabled port 445 and incoming ping requests were blocked. It
wasn't until the second ping attempt that the message "Request
timed out" was returned. Further attempts were blocked.

Keep in mind that Windows Firewall has limitations. It's fine for
most home users but it lacks a lot of features, the least of
which is the ability to filter outgoing traffic. If you're
concerned about security, I'd suggest using a third party
firewall (e.g. Zone Alarm, Sygate, McAfee Personal Firewall) or a
router that's capable of filtering port traffic.
--
Nepatsfan
"Andrew Wright" <AndrewWright@discussions.microsoft.com> wrote in
message
news:D 50E5AF3-A0FC-4539-AB67-013B3A8F4AE9@microsoft.com...
> Thanks Nepatsfan.
>
> This works for TCP 139, I can now only see the computer with
> the rule in its
> firewall from the IP address I specified.
>
> But for TCP 445 I still seem to be able to ping the machine
> with the rule in
> its firewall from any other machine on the network. Is this
> just the way it
> has to be?
>
> I have checked the ICMP settings on the Advanced tab, and only
> the 'Allow
> incoming echo request' option is ticked, but it is greyed out
> presumably
> because of the scope setting against TCP 445 in the exceptions.
>
> Thanks again!
>
> "Nepatsfan" wrote:
>
>> On the Exceptions page highlight "File and Printer sharing"
>> and
>> select Edit. In the "Edit a Service" box highlight the port
>> you
>> wish to restrict and select "Change Scope". In the Change
>> Scope
>> box select Custom list and enter the IP address.
>>
>> --
>> Nepatsfan
>> "Andrew Wright" <Andrew Wright@discussions.microsoft.com>
>> wrote
>> in message
>> news:0C8A18F1-50B8-4742-8E62-F556A236821F@microsoft.com...
>> >I want to open, but restrict access to, ports TCP 139 and TCP
>> >445 on a
>> > machine running XP SP2 with windows firewall enabled.
>> >
>> > Trouble is I want to open and restrict access of these ports
>> > to
>> > a single IP
>> > address on the network.
>> >
>> > Does anyone know how to achieve this using Exceptions in the
>> > windows firewall?
>> >
>> > Is it the correct tool to use?
>> >
>> > Thanks
>>
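A command-line equivalent of the Change Scope steps discussed in this thread, as an added example that is not part of any poster's message. It uses the `netsh firewall` context that ships with XP SP2; the address 192.168.0.10 is a constructed placeholder, and the rule is set on the whole File and Printer Sharing service (UDP 137/138, TCP 139/445) rather than one port at a time as in the GUI steps.

```bat
@echo off
rem Added example, not from the thread: restrict File and Printer Sharing
rem to a single source address with Windows Firewall on XP SP2.
rem Usage: restrict-smb.bat <allowed-ip>   (script name is hypothetical)
setlocal

rem 192.168.0.10 is a constructed placeholder used when no argument is given.
set ALLOWED=%1
if "%ALLOWED%"=="" set ALLOWED=192.168.0.10

rem Same effect as Exceptions -> File and Printer Sharing -> Edit ->
rem Change Scope -> Custom list, applied to every port of the service.
netsh firewall set service type=FILEANDPRINT mode=ENABLE scope=CUSTOM addresses=%ALLOWED%
if errorlevel 1 (
    echo Could not change the File and Printer Sharing scope. 1>&2
    exit /b 1
)

rem Confirm the exception now lists only the custom address.
netsh firewall show service

rem Show the ICMP settings, to check the behaviour reported in the thread:
rem echo requests are still answered while the TCP 445 exception is enabled.
netsh firewall show icmpsetting

rem Overall firewall state (operational mode, exceptions allowed or not).
netsh firewall show state

endlocal
```

After running it, repeat the ping and share-access tests from both the allowed address and another machine, since the scope covers the service ports and the thread reports that echo requests behave differently.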
Anonymous
February 14, 2005 4:03:04 AM

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

Nepatsfan,

Thanks for your help in answering my question.


"Nepatsfan" wrote:

> From what I can gather the "Allow incoming echo requests" is
> grayed out by default. The only way I know of to change that is
> to disable port 445. Go to the Windows Firewall Exceptions page
> and select "File and Printer Sharing". Uncheck port 445. Click OK
> twice. That should block any ping requests. You should still be
> able to access shared resources from the single IP address
> through port 139.
>
> Note: When I tested this there was a slight delay between when I
> disabled port 445 and incoming ping requests were blocked. It
> wasn't until the second ping attempt that the message "Request
> timed out" was returned. Further attempts were blocked.
>
> Keep in mind that Windows Firewall has limitations. It's fine for
> most home users but it lacks a lot of features, the least of
> which is the ability to filter outgoing traffic. If you're
> concerned about security, I'd suggest using a third party
> firewall (e.g. Zone Alarm, Sygate, McAfee Personal Firewall) or a
> router that's capable of filtering port traffic.
> --
> Nepatsfan
> "Andrew Wright" <AndrewWright@discussions.microsoft.com> wrote in
> message
> news:D 50E5AF3-A0FC-4539-AB67-013B3A8F4AE9@microsoft.com...
> > Thanks Nepatsfan.
> >
> > This works for TCP 139, I can now only see the computer with
> > the rule in its
> > firewall from the IP address I specified.
> >
> > But for TCP 445 I still seem to be able to ping the machine
> > with the rule in
> > its firewall from any other machine on the network. Is this
> > just the way it
> > has to be?
> >
> > I have checked the ICMP settings on the Advanced tab, and only
> > the 'Allow
> > incoming echo request' option is ticked, but it is greyed out
> > presumably
> > because of the scope setting against TCP 445 in the exceptions.
> >
> > Thanks again!
> >
> > "Nepatsfan" wrote:
> >
> >> On the Exceptions page highlight "File and Printer sharing"
> >> and
> >> select Edit. In the "Edit a Service" box highlight the port
> >> you
> >> wish to restrict and select "Change Scope". In the Change
> >> Scope
> >> box select Custom list and enter the IP address.
> >>
> >> --
> >> Nepatsfan
> >> "Andrew Wright" <Andrew Wright@discussions.microsoft.com>
> >> wrote
> >> in message
> >> news:0C8A18F1-50B8-4742-8E62-F556A236821F@microsoft.com...
> >> >I want to open, but restrict access to, ports TCP 139 and TCP
> >> >445 on a
> >> > machine running XP SP2 with windows firewall enabled.
> >> >
> >> > Trouble is I want to open and restrict access of these ports
> >> > to
> >> > a single IP
> >> > address on the network.
> >> >
> >> > Does anyone know how to achieve this using Exceptions in the
> >> > windows firewall?
> >> >
> >> > Is it the correct tool to use?
> >> >
> >> > Thanks
March 19, 2005 6:16:52 PM

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

I have XP Home but have turned off XP's firewall because I use ZoneAlarm
instead.

How can I do that in ZA? Do I need to do this in ZA?

Thanks.

--

Jeff Stevens
Email address deliberately false to avoid spam
jeff@stevens.com



Nepatsfan wrote:
> On the Exceptions page highlight "File and Printer sharing" and
> select Edit. In the "Edit a Service" box highlight the port you
> wish to restrict and select "Change Scope". In the Change Scope
> box select Custom list and enter the IP address.
>
>> I want to open, but restrict access to, ports TCP 139 and TCP
>> 445 on a
>> machine running XP SP2 with windows firewall enabled.
>>
>> Trouble is I want to open and restrict access of these ports to
>> a single IP
>> address on the network.
>>
>> Does anyone know how to achieve this using Exceptions in the
>> windows firewall?
>>
>> Is it the correct tool to use?
>>
>> Thanks
Anonymous
March 19, 2005 7:18:53 PM

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

I don't use Zone Alarm, so I'm unable to give you a direct
answer. What I would suggest is that you start a new thread with
all the details concerning what you're trying to accomplish.

You might also consider posting your question to the forum that
Zone Labs has set up:

http://forum.zonelabs.org/zonelabs

--
Nepatsfan
"Jeff" <jeff@phony.com> wrote in message
news:eTVnkJMLFHA.3832@TK2MSFTNGP12.phx.gbl...
>I have XP Home but have turned off XP's firewall because I use
>ZoneAlarm
> instead.
>
> How can I do that in ZA? Do I need to do this in ZA?
>
> Thanks.
>
> --
>
> Jeff Stevens
> Email address deliberately false to avoid spam
> jeff@stevens.com
>
>
>
> Nepatsfan wrote:
>> On the Exceptions page highlight "File and Printer sharing"
>> and
>> select Edit. In the "Edit a Service" box highlight the port
>> you
>> wish to restrict and select "Change Scope". In the Change
>> Scope
>> box select Custom list and enter the IP address.
>>
>>> I want to open, but restrict access to, ports TCP 139 and TCP
>>> 445 on a
>>> machine running XP SP2 with windows firewall enabled.
>>>
>>> Trouble is I want to open and restrict access of these ports
>>> to
>>> a single IP
>>> address on the network.
>>>
>>> Does anyone know how to achieve this using Exceptions in the
>>> windows firewall?
>>>
>>> Is it the correct tool to use?
>>>
>>> Thanks
March 20, 2005 1:18:01 AM

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

OK

--

Jeff Stevens
Email address deliberately false to avoid spam
jeff@stevens.com



Nepatsfan wrote:
> I don't use Zone Alarm, so I'm unable to give you a direct
> answer. What I would suggest is that you start a new thread with
> all the details concerning what you're trying to accomplish.
>
> You might also consider posting your question to the forum that
> Zone Labs has set up:
>
> http://forum.zonelabs.org/zonelabs
>
>> I have XP Home but have turned off XP's firewall because I use
>> ZoneAlarm
>> instead.
>>
>> How can I do that in ZA? Do I need to do this in ZA?
>>
>> Thanks.
>>
>> --
>>
>> Jeff Stevens
>> Email address deliberately false to avoid spam
>> jeff@stevens.com
>>
>>
>>
>> Nepatsfan wrote:
>>> On the Exceptions page highlight "File and Printer sharing"
>>> and
>>> select Edit. In the "Edit a Service" box highlight the port
>>> you
>>> wish to restrict and select "Change Scope". In the Change
>>> Scope
>>> box select Custom list and enter the IP address.
>>>
>>>> I want to open, but restrict access to, ports TCP 139 and TCP
>>>> 445 on a
>>>> machine running XP SP2 with windows firewall enabled.
>>>>
>>>> Trouble is I want to open and restrict access of these ports
>>>> to
>>>> a single IP
>>>> address on the network.
>>>>
>>>> Does anyone know how to achieve this using Exceptions in the
>>>> windows firewall?
>>>>
>>>> Is it the correct tool to use?
>>>>
>>>> Thanks