'RE: [bidworks] Win2k Router Question'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       blackicedefender-technical
Subject:    RE: [bidworks] Win2k Router Question
From:       "Juancho Forlanda" <juancho () networkice ! com>
Date:       2000-09-05 21:23:55
[Download RAW message or body]

Dear User,

If you only want certain IP addresses to have access to the services your
system provides, then you can do the following:

a.  Set your security level to Paranoid
b.  Add the appropriate IP addresses to your trusted list (this will serve
as your IP access list)
c.  Open blackice.ini and remove those same IP addresses from the line that
begins with: "exclude.address=".
d.  Stop and start the BlackICE engine.  By doing c and d, those same IP
addresses are removed from the trusted list, but are allowed into your
system regardless.  In addition, BlackICE will continue to monitor traffic
from those IP addresses.  This gives you the benefit of at least doing
intrusion detection on those systems that are in your access list, thus
keeping you abreast of any potential security breach just in case one of
them gets compromised.

Regards,
NetworkICE Tech. Support
  -----Original Message-----
  From: rshearer@ionline.com [mailto:rshearer@ionline.com]
  Sent: Tuesday, September 05, 2000 10:02 AM
  To: bidworks@egroups.com
  Subject: [bidworks] Win2k Router Question




       My Groups | bidworks Main Page | Start a new group!


  I am running a Windows 2000 Server as a router with NAT. I also have
  an FTP/Web server running on this same machine. I would like to know
  if Black Ice will work to provide Firewall protection on this machine.

  The main things I would like to accomplish are:

  IP Access lists. Keep everyone out except for the IP's I want.

  Stealh the ports that are running. I do not want any ports to show up
  on a port scan.

  Will the fact that the FTP/Web services are running on the same
  machine that is providing NAT and routing cause any problems?

  Thanks,

  Russ


  To Post a message, send it to:   bidworks@eGroups.com
  To Unsubscribe, send a blank message to: bidworks-unsubscribe@eGroups.com



[Attachment #3 (text/html)]

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content="text/html; charset=us-ascii" http-equiv=Content-Type>
<META content="MSHTML 5.00.2920.0" name=GENERATOR></HEAD>
<BODY><br>

<!-- |**|begin egp html banner|**| -->

<table border=0 cellspacing=0 cellpadding=2>
<tr bgcolor=#FFFFFF>
<td colspan=2 width=470><!-- |@|begin eGroups banner|@| runid: 8973 crid: 3711 -->
<a target="_blank" href="http://click.egroups.com/1/8973/8/_/168401/_/968188670/"><center>
 <img width="468" height="60"
  border="0"
  alt=""
  src="http://adimg.egroups.com/img/8973/8/_/168401/_/968188670/WarningBooks468x602E.gif"></center><center><font \
color="black"></font></center></a> <!-- |@|end eGroups banner|@| --></td>
</tr>
<tr bgcolor=#FFFFCC valign=middle>
<td width=77><a href="http://www.egroups.com/"><img border=0 \
src="http://www.egroups.com/img/logo/logo72.gif" width="72" height="32" \
alt="eGroups"></a></td> <td width=388>
<font size="-1">
<a href="http://www.egroups.com/mygroups">My Groups</a> |
<a href="http://www.egroups.com/group/bidworks">bidworks Main Page</a>
> <!-- |@|begin eGroups banner|@| runid: 8150 crid: 4125 --><a target="_blank" \
> href="http://click.egroups.com/1/8150/8/_/168401/_/968188670/">Start a new \
> group!</a><!-- |@|end eGroups banner|@| --></font>
</td>
</tr>
</table>
<br>

<!-- |**|end egp html banner|**| -->

<p>


<DIV><FONT color=#0000ff face=Arial size=2><SPAN class=918521421-05092000>Dear 
User,</SPAN></FONT></DIV>
<DIV><FONT color=#0000ff face=Arial size=2><SPAN 
class=918521421-05092000></SPAN></FONT>&nbsp;</DIV>
<DIV><FONT color=#0000ff face=Arial size=2><SPAN class=918521421-05092000>If you 
only want certain IP addresses to have access to the services your system 
provides, then you can do the following:</SPAN></FONT></DIV>
<DIV><FONT color=#0000ff face=Arial size=2><SPAN 
class=918521421-05092000></SPAN></FONT>&nbsp;</DIV>
<DIV><FONT color=#0000ff face=Arial size=2><SPAN 
class=918521421-05092000>a.&nbsp; Set your security level to 
Paranoid</SPAN></FONT></DIV>
<DIV><FONT color=#0000ff face=Arial size=2><SPAN 
class=918521421-05092000>b.&nbsp; Add the appropriate IP addresses to your 
trusted list (this will serve as your IP access list)</SPAN></FONT></DIV>
<DIV><FONT color=#0000ff face=Arial size=2><SPAN 
class=918521421-05092000>c.&nbsp; Open blackice.ini and remove those same IP 
addresses from the line that begins with: </SPAN></FONT><FONT color=#0000ff 
face=Arial size=2><SPAN class=918521421-05092000>"exclude.address=".&nbsp; 
</SPAN></FONT></DIV>
<DIV><FONT color=#0000ff face=Arial size=2><SPAN 
class=918521421-05092000>d.&nbsp; Stop and start the BlackICE engine.&nbsp; By 
doing c and d, those same IP addresses are removed from the trusted list, but 
are allowed into your system regardless.&nbsp; In addition, BlackICE will 
continue to monitor traffic from those IP addresses.&nbsp; This gives you the 
benefit of at least doing intrusion detection on those systems that are in your 
access list, thus keeping you abreast of any potential security breach&nbsp;just 
in case one of them gets compromised.</SPAN></FONT></DIV>
<DIV><FONT color=#0000ff face=Arial size=2><SPAN 
class=918521421-05092000></SPAN></FONT>&nbsp;</DIV>
<DIV><FONT color=#0000ff face=Arial size=2><SPAN 
class=918521421-05092000>Regards,</SPAN></FONT></DIV>
<DIV><FONT color=#0000ff face=Arial size=2><SPAN 
class=918521421-05092000>NetworkICE Tech. Support</SPAN></FONT></DIV>
<BLOCKQUOTE style="MARGIN-RIGHT: 0px">
  <DIV align=left class=OutlookMessageHeader dir=ltr><FONT face=Tahoma 
  size=2>-----Original Message-----<BR><B>From:</B> rshearer@ionline.com 
  [mailto:rshearer@ionline.com]<BR><B>Sent:</B> Tuesday, September 05, 2000 
  10:02 AM<BR><B>To:</B> bidworks@egroups.com<BR><B>Subject:</B> [bidworks] 
  Win2k Router Question<BR><BR></DIV></FONT><BR>
  <P><TT>I am running a Windows 2000 Server as a router with NAT. I also have 
  <BR>an FTP/Web server running on this same machine. I would like to know 
  <BR>if Black Ice will work to provide Firewall protection on this 
  machine.<BR><BR>The main things I would like to accomplish are:<BR><BR>IP 
  Access lists. Keep everyone out except for the IP's I want.<BR><BR>Stealh the 
  ports that are running. I do not want any ports to show up <BR>on a port 
  scan.<BR><BR>Will the fact that the FTP/Web services are running on the same 
  <BR>machine that is providing NAT and routing cause any 
  problems?<BR><BR>Thanks,<BR><BR>Russ<BR><BR></TT><BR><TT>To Post a message, 
  send it to:&nbsp;&nbsp; bidworks@eGroups.com<BR>To Unsubscribe, send a blank 
  message to: bidworks-unsubscribe@eGroups.com</TT> 
<BR></P></BLOCKQUOTE>
<br>
<tt>
To Post a message, send it to:&nbsp;&nbsp; bidworks@eGroups.com<BR>
To Unsubscribe, send a blank message to: bidworks-unsubscribe@eGroups.com</tt>
<br>

</BODY></HTML>



[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic