IPSEC filter to protect IIS ;-)

Steve Bernard sbernard at gmu.edu
Sun Jan 18 18:51:55 GMT 2004


This is Microsoft's recommended way of using IPSEC filters to protect IIS
from various worms. What a great concept! ;)

"The following example blocks inbound access to TCP port 80 but still allows
outbound TCP 80 access. This policy is sufficient to protect computers that
run Microsoft Internet Information Services (IIS) 5.0 from the "Code Red"
and "Nimda" worms.

ipsecpol -w REG -p "Block TCP 80 Filter" -r "Block Inbound TCP 80 Rule" -f
*=0:80:TCP -n BLOCK -x"


Ref. Microsoft Knowledge Base Article - 813878
http://support.microsoft.com/default.aspx?scid=kb;[LN];813878


Steve



More information about the unisog mailing list