I just did a security check at Gibsons website, while running my W2K operating system.
The results indicate I have a port open that should be most definitily closed.
How do I go about closing the port ?
Thanks.
Full Version: Closing open ports
Hi DS
Thought it might be best to move your topic to the Security forum.
Depending on a couple of things (what port it is, if you're networked to another computer, etc.), it may need to be open in order to communicate with another computer.
If you're not behind a firewall, you may want to consider getting one.
Thought it might be best to move your topic to the Security forum.
Depending on a couple of things (what port it is, if you're networked to another computer, etc.), it may need to be open in order to communicate with another computer.
If you're not behind a firewall, you may want to consider getting one.
Patti,
I have a firewall, but I don't trust 'em fully. What I was doing is messing around with W2K o.s. & IIS .
I went to Gibsons and probed my ports, and it came up with this port that is directly related to storing credit card info. Port 4?? sumthin' . I will get the intire number if you need it.
Akk.. I am stupid. How did this happen
Thanks.
I have a firewall, but I don't trust 'em fully. What I was doing is messing around with W2K o.s. & IIS .
I went to Gibsons and probed my ports, and it came up with this port that is directly related to storing credit card info. Port 4?? sumthin' . I will get the intire number if you need it.
Akk.. I am stupid. How did this happen
Thanks.
Admittedly, I know nothing about IIS, but until someone comes along that might be able to help you out with the security issues of it, maybe you could poke around here and see if you can find something that will assist you.
That's an excellent link Patti posted for you to read (Good work Patti 
). That should give you the information you need. It's especially important for you to obtain all the security updates for IIS.
). That should give you the information you need. It's especially important for you to obtain all the security updates for IIS.
Thanks, I will get to reading.
The port is 443
The port is 443
If you don't trust firewalls, you're neglecting to utilize an integral part of your network security. Firewalls are the only controls you have when blocking unwanted traffic.
When you run a secure server, SSL Clients wanting to connect to your Secure server will connect on port 443. This port needs to be open to run your own Secure Transaction server, but watched very closely. Your web server also MUST be kept separate and isolated from the rest of your internal network. This is when you use your router/firewall. You need to establish filtering rules that block TCP connections originating from the Web server, as a Web server typically does not depend on other services on the public network. In general, all UDP and ICMP traffic should be blocked. Directory services such as LDAP to retrieve previously stored user information and SQL to retrieve up-to-date content information along with SMTP email need to be placed on other servers. You should only permit connections from your Web server to your internal DNS server (for DNS lookups in the public network). The internal DNS server can then relay requests to the appropriate external DNS server for resolution.
When you run a secure server, SSL Clients wanting to connect to your Secure server will connect on port 443. This port needs to be open to run your own Secure Transaction server, but watched very closely. Your web server also MUST be kept separate and isolated from the rest of your internal network. This is when you use your router/firewall. You need to establish filtering rules that block TCP connections originating from the Web server, as a Web server typically does not depend on other services on the public network. In general, all UDP and ICMP traffic should be blocked. Directory services such as LDAP to retrieve previously stored user information and SQL to retrieve up-to-date content information along with SMTP email need to be placed on other servers. You should only permit connections from your Web server to your internal DNS server (for DNS lookups in the public network). The internal DNS server can then relay requests to the appropriate external DNS server for resolution.
Whew! Glad someone came along who could assist DS with this one.
Although IIS stuff is out of my league, when I looked around at that IIS Security Site, it seemed to contain more than enough information and further links. I'm glad it got the stamp of approval from our Security Expert
Although IIS stuff is out of my league, when I looked around at that IIS Security Site, it seemed to contain more than enough information and further links. I'm glad it got the stamp of approval from our Security Expert
I agree .... wheww !! Thanks for the info, I am trying to digest it all.
Thankyou.
Thankyou.
You're welcome, DS.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.