knowledge-database (beta)

Current group: comp.security.firewalls

Re: XP-SP2 firewall & opening a range of ports?

From: loraxxarol
Subject: Re: XP-SP2 firewall & opening a range of ports?
Date: 20 Jan 2005 08:29:26 -0800
Duane Arnold wrote:
> Sam Smith wrote:
>
> > Hi,
> >
> > I have a server which hosts a number of COM+ applications, which are
> > connected by clients via RPC over port 135.
> >
> > Now, RPC allocates new server ports dynamically for the clients and
> > therefore I need to set-up the firewall to allow incoming connections for
> > those dynamically allocated ports. These ports are allocated in a port
> > range as specified by the registry, which is described by several articles
> > at MSDN. (Btw. Microsoft recommends to specify the port range 5000-5020.)
> >
> > However, it seems to me that I cannot configure the Windows firewall to
> > open up this range of ports! Is that really so bad??? Do I really have to
> > manually add the ports one-by-one?!?!? Add port 5000 ok, add port 5001 ok,
> > add port 5002 ok,.....
> >
>
> I'll assume this is on a protected network using COM+ applications. So why
> would you need XP's FW running on a machine in the first place in that
> environment?
>
> Duane :)


Duane - I see your point, but it's not necessarily a best practice to
leave all of your computers on your LAN wide open just because you can.
Thus far, I have not figured out how to add port ranges to the XP SP2
firewall either.

- Eric
From: Duane Arnold
Subject: Re: XP-SP2 firewall & opening a range of ports?
Date: Fri, 21 Jan 2005 15:03:19 GMT
"loraxxarol" wrote in
news:1106238566.039238.326500@f14g2000cwb.googlegroups.com:

> Duane Arnold wrote:
>> Sam Smith wrote:
>>
>> > Hi,
>> >
>> > I have a server which hosts a number of COM+ applications, which are
>> > connected by clients via RPC over port 135.
>> >
>> > Now, RPC allocates new server ports dynamically for the clients and
>> > therefore I need to set-up the firewall to allow incoming connections for
>> > those dynamically allocated ports. These ports are allocated in a port
>> > range as specified by the registry, which is described by several articles
>> > at MSDN. (Btw. Microsoft recommends to specify the port range 5000-5020.)
>> >
>> > However, it seems to me that I cannot configure the Windows firewall to
>> > open up this range of ports! Is that really so bad??? Do I really have to
>> > manually add the ports one-by-one?!?!? Add port 5000 ok, add port 5001 ok,
>> > add port 5002 ok,.....
>> >
>>
>> I'll assume this is on a protected network using COM+ applications. So why
>> would you need XP's FW running on a machine in the first place in that
>> environment?
>>
>> Duane :)
>
>
> Duane - I see your point, but it's not necessarily a best practice to
> leave all of your computers on your LAN wide open just because you can.
> Thus far, I have not figured out how to add port ranges to the XP SP2
> firewall either.
>
> - Eric

All I can tell you is that if machines are running COM+ applications
communicating with a COM+ server, then that LAN environment is going to
be a protected environment from outside intrusion. There is no need for
the computers to be running a host-based FW in this environment, causing
communication issues with the COM+ server, and a personal FW on the
machines wouldn't be implemented in this environment, none that I have
seen - most likely a business environment.

The machines are not open on my LAN because they are protected by a FW
appliance, a border device, and there is no need for me to be running a PFW
solution sucking up the resources on the machines.

http://tinyurl.com/8op1

You can repeat steps 1-9 as needed.

Duane :)
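
The range from the original question can be opened without repeating the dialog for every port by looping over `netsh firewall add portopening`, the command-line interface to the XP SP2 firewall. The script below is an added example, not part of the thread; the rule names, the `scope=SUBNET` restriction and the `remove` argument are assumptions chosen for illustration.

```batch
@echo off
rem Added example (not from the thread): open or close a contiguous TCP port
rem range in the Windows XP SP2 firewall, one port exception per port.
rem 5000-5020 is the range quoted in the original question.
rem scope=SUBNET (assumption) limits each exception to the local subnet
rem instead of accepting connections from any address.
setlocal
set FIRST=5000
set LAST=5020

if /i "%~1"=="remove" goto remove

rem RPC endpoint mapper, the fixed port the clients contact first.
netsh firewall add portopening protocol=TCP port=135 name="RPC endpoint mapper" mode=ENABLE scope=SUBNET

rem One exception per dynamically allocated RPC port.
for /L %%P in (%FIRST%,1,%LAST%) do (
    netsh firewall add portopening protocol=TCP port=%%P name="RPC dynamic %%P" mode=ENABLE scope=SUBNET
)

rem List the resulting exceptions so the change can be reviewed.
netsh firewall show portopening
goto :eof

:remove
rem Undo: delete the same exceptions again.
netsh firewall delete portopening protocol=TCP port=135
for /L %%P in (%FIRST%,1,%LAST%) do (
    netsh firewall delete portopening protocol=TCP port=%%P
)
netsh firewall show portopening
goto :eof
```

Run it from an administrator command prompt on the server; passing `remove` as the first argument deletes the same exceptions.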