Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

firewall-wizards logo Firewall Wizards mailing list archives

Re: Host based IP ACL like TCPWrapper or IP_Filter, but for NT?
From: Bill_Royds () pch gc ca
Date: Sun, 30 May 1999 10:54:15 -0400





"Alan Morewood" <morewood () on bell ca> on 05/26/99 01:41:09 PM

Please respond to "Alan Morewood" <morewood () on bell ca>

To:   firewall-wizards () nfr net
cc:    (bcc: Bill Royds/HullOttawa/PCH/CA)
Subject:  Host based IP ACL like TCPWrapper or IP_Filter, but for NT?




Does anyone have ideas as to a feasible solution for doing IP ACL
restrictions on a DMZ host?  Or does this seem excessive considering
2-factor authentication is to be used.

details as follows:

<snip a good explanaition of the situation>

NT has no direct IP_Filter equivalent, although there is at least one option
of which I am aware.


---------------------------------------------




NT has the ability to restrict ports that can be used by machine in Control
Panel/Networks/Protocols/Advanced settings.

As well, have you looked at things like the ConSeal firewall
(http://www.signal.com) whcih fit between the Ethernet layer and TCP/IP stack to
enforce a security policy?
THis would seem like the closest to TCPWrappers for NT and it even validates
UDP/ICMP as well.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]