IPSEC filter to protect IIS ;-)
sbernard at gmu.edu
Sun Jan 18 18:51:55 GMT 2004
This is Microsoft's recommended way of using IPSEC filters to protect IIS
from various worms. What a great concept! ;)
"The following example blocks inbound access to TCP port 80 but still allows
outbound TCP 80 access. This policy is sufficient to protect computers that
run Microsoft Internet Information Services (IIS) 5.0 from the "Code Red"
and "Nimda" worms.
ipsecpol -w REG -p "Block TCP 80 Filter" -r "Block Inbound TCP 80 Rule" -f
*=0:80:TCP -n BLOCK -x"
Ref. Microsoft Knowledge Base Article - 813878
More information about the unisog