Durt 2 Posted November 10, 2001

I am running a game server and I want to shut down any unnecessary ports. I did a port sniff and this is what I got.

Port State Service
80/tcp open http
135/tcp open loc-srv
135/udp open loc-srv
161/udp open snmp
500/udp open isakmp
1025/tcp open listen
1026/tcp open nterm
1027/udp open unknown
3389/tcp open msrdp
27015/udp open unknown

The ports that need to be open are for the http server (80), traffic monitoring (161), TS (3389) and the game server (27015). I want to shut down the rest. What services do I need to shut off to do this, and is that prudent? Thanks.
Palos 0 Posted November 10, 2001

It would be easier and faster to use a firewall. You can shut down ports, among other things. Try www.tinysoftware.com for a good rated firewall (for personal use it's freeware). Or if you have a cable/DSL connection, get yourself a router. You can do more fancy stuff with it, like NATing, port redirection, DHCP, etc. All configurable via browser. From looking at your last port, I would suggest you use a Punkbuster server too. That would complicate your port range selection though...
Durt 2 Posted November 10, 2001

Thanks for the recommendations. We tried PB, but got more complaints after implementation than before. Now that they have stopped updating PB, it doesn't stop the new cheats. A software firewall would be cool if it didn't add any latency to the clients and didn't eat up too many resources. We will look into that. Meanwhile, I would still like to shut down any services that don't need to be open for our simple game server. BTW, the OS is W2K Server. Thanks again...
Palos 0 Posted November 11, 2001

PB maybe cannot stop the new ones, but it can surely stop all of the old ones...kinda narrows it down. You can always try to bust the lama thru screenies. Looks like IIS 5.0 is running as default, make sure you stop it or uninstall it.
Durt 2 Posted November 11, 2001

We want a web server running. We are not using IIS (shut off)... we are using the W32 version of Apache.
clutch 1 Posted November 11, 2001

If you select "permit only" (in TCP/IP properties for the NIC) and enter those ports to leave open, then you should be fine as far as blocking goes. I don't use this myself, as I either use a hardware firewall or find a NAT/Proxy package that will allow for port filtering/forwarding (which Win2K does have a nice one in "Routing and Remote Access" that comes with server). This method will also include a bit more work on your part, as most software firewalls have simple interfaces to guide you through your tasks.

One more thing, is this system sitting on a LAN and receiving the connections to be limited from the Internet? If so, you could use 2 NICs and just lock down all the traffic on the external one. Just bear in mind this might have to take some adjustments, as I can't remember if this filter only blocks SYN/ACK packets or all traffic to the listed ports. If it indeed blocks ALL traffic, you might have some issues with DNS requests and FTP going out. If you install Routing and Remote Access, you can also install the NAT module and tweak it from there.
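The "permit only" approach in the post above needs one port list per protocol, plus a list of the listeners that will be cut off so their owning services can be reviewed. The sketch below is an added example, not code from any poster in the thread: it derives both from the scan output in the first post, with the required ports taken from that post and their protocols taken from the scan. The function names are hypothetical.

```python
import re
from collections import defaultdict

# Scan output as posted in the thread (Port / State / Service columns).
SCAN = """\
Port State Service
80/tcp open http
135/tcp open loc-srv
135/udp open loc-srv
161/udp open snmp
500/udp open isakmp
1025/tcp open listen
1026/tcp open nterm
1027/udp open unknown
3389/tcp open msrdp
27015/udp open unknown
"""

# Ports the original poster wants reachable (http, monitoring, TS, game server).
REQUIRED = {(80, "tcp"), (161, "udp"), (3389, "tcp"), (27015, "udp")}

LINE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)$")

def parse_scan(text):
    """Return {(port, proto): service} for each line reported as open."""
    found = {}
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if m and m.group(3) == "open":  # header and malformed lines are skipped
            found[(int(m.group(1)), m.group(2))] = m.group(4)
    return found

def plan(scan_text, required):
    """Build per-protocol permit lists and flag listeners outside them."""
    open_ports = parse_scan(scan_text)
    permit = defaultdict(list)
    for port, proto in sorted(required):
        permit[proto].append(port)
    # Open but not required: candidates for disabling the owning service.
    unexpected = [(p, pr, open_ports[(p, pr)])
                  for p, pr in sorted(open_ports) if (p, pr) not in required]
    # Required but not seen open: the service may be down or already filtered.
    missing = sorted(k for k in required if k not in open_ports)
    return dict(permit), unexpected, missing

if __name__ == "__main__":
    permit, unexpected, missing = plan(SCAN, REQUIRED)
    for proto, ports in permit.items():
        print(f"permit only ({proto}):", ", ".join(map(str, ports)))
    for port, proto, service in unexpected:
        print(f"not required, currently open: {port}/{proto} ({service})")
    for port, proto in missing:
        print(f"required but not open: {port}/{proto}")
```

Re-running the scan after the filter is applied and feeding the new output through the same function gives a quick check that only the required ports remain reachable.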
Durt 2 Posted November 12, 2001

Thanks a bunch, that page looks like a good read and is probably exactly what we need to implement. We've had some security breaches on this exposed, stand-alone server and we need to crack down. Thanks again!