
Use the IPSec IP Filter List in Windows 2000

Author:fsadmin


You can use Internet Protocol Security (IPSec) to protect network communications on Windows 2000-based computers. IPSec is applied to communications based on IPSec policy. You can use IPSec policies to determine when IPSec should be used to protect communications between computers. You can also use IPSec policies to control which data packets are allowed to enter and exit the computer's network interface.

IPSec policy is based on two elements:

• IP filter list
• IP filter operation

An Internet Protocol (IP) filter list is a list of protocols and ports. For example, you can create a filter list item that allows all computers to access TCP port 80 on the local interface. Another item in the same filter list may allow access to TCP port 25 on the local interface, and a third filter list item may allow access to User Datagram Protocol (UDP) port 53 on the local interface.

If a packet arriving at the computer interface has a matching item in the filter list, the IPSec policy agent applies the filter operation you assigned to that filter list. For example, if you assign a “block” filter operation to the above filter list, then any packet sent to TCP port 80, TCP port 25 or UDP port 53 will be blocked. However, if you assign an “allow” filter operation to the above filter list, data packets are allowed to be sent to TCP port 80, TCP port 25 or UDP port 53.

You can use IPSec filter lists and filter operations to effectively control access to all interfaces. Note that the IPSec policy is applied to all interfaces on a multihomed computer. You cannot selectively apply IPSec policies to specific interfaces.

Windows 2000 includes the following two default IP filter lists:

• All ICMP communications
• All IP communications

There are three default filter operations:

• Allow
• Request security settings (optional)
• Need security settings

How to create an IPSec filter list

To create an IPSec filter list that applies to inbound TCP port 80 and TCP port 25, do the following:

1. Click Start, point to Programs, point to Administrative Tools, and then click Local Security Policy.
2. Click to expand Security Settings.
3. Right-click the IP Security Policy in the left pane, and then click “Manage IP Filters”.
4. Click the Manage IP Filter List tab in the “Manage IP Filter List and Filter Operation” dialog box, and then click Add.
5. Type Inbound TCP 80 and 25 in the Name box, and then type allow inbound communication to TCP ports 80 and 25 in the Description box.
6. Click to clear the Use the “Add Wizard” check box, and then click Add to add a new filter list item.
7. Click the Addressing tab.
8. In the “Source Address” box, click Any IP Address.
9. In the “Destination Address” box, click My IP Address. This configuration indicates that the filter will be applied to inbound packets.
10. Click to clear the Mirror check box.
11. Click the Protocol tab.
12. In the “Select Protocol Type” box, click TCP.
13. Click “From any port”, and then click “To this port”.
14. Type 80 in the “To this port” box.
15. Click Apply, and then click OK.
16. In the IP Filter List dialog box, click Add.
17. Click the Addressing tab.
18. In the “Source Address” box, click Any IP Address.
19. In the “Destination Address” box, click My IP Address. This configuration indicates that the filter will be applied to inbound packets.
20. Click to select the Mirror check box. After doing this, a filter with opposite source and destination IP addresses will be created.
21. Click the Protocol tab.
22. In the “Select Protocol Type” box, click TCP.
23. Click “From any port”, and then click “To this port”.
24. Type 25 in the “To this port” box.
25. Click Apply, and then click OK.
26. In the IP Filter List dialog box, click Close.

How to create an IPSec policy based on a filter list

To create an IPSec policy based on a filter list, do the following:

1. Right-click IP Security Policy in the left pane, and then click Create IP Security Policy.
2. In the “Welcome to the IP Security Policy Wizard” dialog box, click Next.
3. In the Name box of the IP Security Policy Name dialog box, type Allow inbound TCP 80 and 25, and then click Next.
4. Click to clear the “Activate default response rules” check box, and then click Next.
5. In the Completing the IP Security Policy Wizard dialog box, click to select the “Edit Properties” check box (if it is not already selected), and then click Finish.
6. Click the Rules tab.
7. Click to clear the Use the “Add Wizard” check box, and then click Add.
8. Click the IP Filter List tab.
9. Click the “Inbound TCP 80 and 25” IP filter list option on the left.
10. Click the Filter Action tab.
11. Click the Allow option on the left.
12. Click Apply, and then click OK.
13. The “Inbound TCP 80 and 25” filter list check box is selected. Click Close.

The IPSec policy checks the packets sent to TCP port 80 and TCP port 25 on the local interface and matches these packets with the “Allow” filter operation, which allows the packets to pass through this interface.

Note: If you assign this policy, all communications will be allowed, because there is no “reject” rule that prevents other communications. If you want to allow only the communications specified in the above policy, you must create a “reject” rule that denies all communications.
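
The matching behaviour and the gap described in the Note can be seen in a small Python model, added here as an illustration; it is not part of the original article and is not Windows code. It assumes that the most specific matching filter wins and that a packet matching no filter is left alone; the `Filter` class, `evaluate` function, catch-all list and sample packets are constructed for the example.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Filter:
    src: str                        # "any" or "me" (My IP Address)
    dst: str
    proto: Optional[str] = None     # None = any protocol
    dst_port: Optional[int] = None  # None = any port

    def matches(self, pkt: dict) -> bool:
        return (self.src in ("any", pkt["src"])
                and self.dst in ("any", pkt["dst"])
                and self.proto in (None, pkt["proto"])
                and self.dst_port in (None, pkt["dst_port"]))

    def specificity(self) -> int:
        # Number of non-wildcard fields; assumption: more specific filters win.
        return sum([self.src != "any", self.dst != "any",
                    self.proto is not None, self.dst_port is not None])

# Filter list from the procedure above (mirroring is left out of the model).
INBOUND_TCP_80_25 = [Filter("any", "me", "TCP", 80), Filter("any", "me", "TCP", 25)]
# Constructed catch-all list for the extra rule the Note asks for.
ALL_INBOUND = [Filter("any", "me")]

def evaluate(policy, pkt):
    """policy: list of (filter_list, operation) rules. Returns 'allow' or 'block'."""
    candidates = [(f, op) for flist, op in policy for f in flist]
    candidates.sort(key=lambda fo: fo[0].specificity(), reverse=True)
    for f, op in candidates:
        if f.matches(pkt):
            return op
    return "allow"  # no filter matched: the policy does not touch the packet

def inbound(proto, port):
    # Constructed sample packet from a remote host to this computer.
    return {"src": "remote", "dst": "me", "proto": proto, "dst_port": port}

ALLOW_ONLY = [(INBOUND_TCP_80_25, "allow")]
ALLOW_PLUS_BLOCK = ALLOW_ONLY + [(ALL_INBOUND, "block")]

if __name__ == "__main__":
    for name, policy in (("allow only", ALLOW_ONLY), ("allow + block", ALLOW_PLUS_BLOCK)):
        for proto, port in (("TCP", 80), ("TCP", 25), ("TCP", 23), ("UDP", 53)):
            print(f"{name:14} {proto}/{port:<3} -> {evaluate(policy, inbound(proto, port))}")
```

With only the allow rule, traffic to TCP 23 and UDP 53 still passes; once the catch-all rule with a block operation is added, only TCP 80 and TCP 25 are allowed.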
