I have a DC that uses a 56k dial on demand device to connect my LAN to the internet with using NAT . There are no changes to how the DC handles security in regards to a default install of windows 2000 advanced server plus DHCP , DNS , ACTIVE DIRECTORY , ROUTING AND REMOTE ACCESS. This server has all updates.
I did an NMAP scan on my linux box and found this
Nmap run completed -- 1 IP address (1 host up) scanned in 25 seconds
[root@localhost root]# nmap -sS (x.x.x.x)
Starting nmap V. 2.54BETA22 ( )
Interesting ports on (myserver)
(x.x.x.x):
(The 1528 ports scanned but not shown below are in state: closed)
Port State Service
88/tcp open kerberos-sec
135/tcp open loc-srv
137/tcp filtered netbios-ns
138/tcp filtered netbios-dgm
139/tcp filtered netbios-ssn
389/tcp open ldap
464/tcp open kpasswd5
593/tcp open http-rpc-epmap
636/tcp open ldapssl
1002/tcp open unknown
1026/tcp open nterm
1723/tcp open pptp
5800/tcp open vnc
5900/tcp open vnc
Nmap run completed -- 1 IP address (1 host up) scanned in 51 seconds
NOW when I scaned my home cable ip address that connects to a LinkSys 4 port router nmap reported
[root@localhost root]# nmap -sS x.x.x.x
Starting nmap V. 2.54BETA22 ( )
Interesting ports on (cable connection) (x.x.x.x):
(The 1541 ports scanned but not shown below are in state: closed)
Port State Service
80/tcp open http
Nmap run completed -- 1 IP address (1 host up) scanned in 8 seconds
I am no expert on ports I know I can close the vnc ports on DC by closing that program, but the rest? I have no idea what to do to secure them.
any input would be welcomed for a 1st time install of windows 2000 server on a small lan
I did an NMAP scan on my linux box and found this
Nmap run completed -- 1 IP address (1 host up) scanned in 25 seconds
[root@localhost root]# nmap -sS (x.x.x.x)
Starting nmap V. 2.54BETA22 ( )
Interesting ports on (myserver)
(x.x.x.x):
(The 1528 ports scanned but not shown below are in state: closed)
Port State Service
88/tcp open kerberos-sec
135/tcp open loc-srv
137/tcp filtered netbios-ns
138/tcp filtered netbios-dgm
139/tcp filtered netbios-ssn
389/tcp open ldap
464/tcp open kpasswd5
593/tcp open http-rpc-epmap
636/tcp open ldapssl
1002/tcp open unknown
1026/tcp open nterm
1723/tcp open pptp
5800/tcp open vnc
5900/tcp open vnc
Nmap run completed -- 1 IP address (1 host up) scanned in 51 seconds
NOW when I scaned my home cable ip address that connects to a LinkSys 4 port router nmap reported
[root@localhost root]# nmap -sS x.x.x.x
Starting nmap V. 2.54BETA22 ( )
Interesting ports on (cable connection) (x.x.x.x):
(The 1541 ports scanned but not shown below are in state: closed)
Port State Service
80/tcp open http
Nmap run completed -- 1 IP address (1 host up) scanned in 8 seconds
I am no expert on ports I know I can close the vnc ports on DC by closing that program, but the rest? I have no idea what to do to secure them.
any input would be welcomed for a 1st time install of windows 2000 server on a small lan
