How to strengthen port security without a firewall
The firewall can provide a very strong protection of the Server, but its cost is still.
But we will improve the safety of Server in a limited funding, which is a problem that every network management person feels very distressed.
Here I introduce you to the use of Windows comes with port management to improve security.
It can effectively solve the attack of general ports.
First, open [network and dial-up connection]
Start => Settings => Networks and dial-up connections
At this time, you can see your network card, such as: local connection
Please press it and select [Properties]
As shown below:
Then, we can see the TCP / IP project. Please select TCP / IP and then click [Properties]
As shown below:
Next, you can see the following screen:
After entering the advanced, select [Options].
At this time, we need to set [TCP / IP filtering].
So enter [Properties] for [TCP / IP Filter]
As shown below:
First give you a simple explanation of these options.
At the top [Enable TCP / IP Filter (All Adapters)], if you choose to represent all the NIC of your Server (sometimes we will install multiple network cards on the same server), you will use the same settings.
You can see that the current setting is all allowed, which is the setting without any modification after the system is installed.
This means that Server is not doing any port management, and that Server will completely expose the network. That is very unsafe.
We can set for TCP and UDP ports and IP protocols.
First we select [Allow], then press Add, add the open port to the open list.
Some common port data is provided below.
Web Service TCP 80
Mail SMTP TCP 25
Mail Pop3 TCP 110
NNTP TCP 119
FTP TCP 21
DNS UDP 53
PCANYWHERE TCP 5631 / UDP 5632
MSSQL 1433
The new setting can be used when the setting is turned on.
