MBSA how to set it up and how does it work
- Hi folks im kinda new here,and i wonder how MBSA works and also would like to know how to configure it properly coz even though i created losts of reg tweaks and all group policies and app stuff ,every one in a while those guys bug me with one or two echo requests guess might be vulnerabilities they find in my system by scanning it while im online,so does MBSA al suggests reg implementations as a part of the solution?
thx in advance and will be looking forward for replies!
RR
Respuestas
- Hi Ray,
oka let me try to explain it as a whole,maybe you're not understanding what im trying to say is due to a lack of information because im try9ing to write a book in 3 lines and im not completely answering your question sorry for that...
oka here i go if its possible to close port 135 i would love to (when i type netstat -a and hit enter there it shows its listening to it),other thing is yes im under heavy attacks, so in old times not too old i had a beef (sorry dunno other word for now english not my fisrt language as u see) with a kid which is hacker and knows lots of people including ppl in my internet provider,one thing i can mention is that they provide me wrong ip combination almost everytime i connect such as 189.0.12.15 things like that i mean not every time but sometimes.... so i need to get defense even against them, ive implemented a variety of security reg entries,such as dnscache,tcpip,netbt,afd and many many others,but they still succeed echo pings sometimes.....
blocking a port in firewall is not always the only solution know i mean?
oka i use internet 3G modem huawei e226 and i dont know if its possible to work with 802.1x in my internet the only authentication that is allowed from the server is PAP,im not an expert in security im just a victim of crime that had to work hard to even navigate coz in early times i could not even enter in a single web site due to ddos attacks that would freeze connections, so i use now the free OPEN DNS as dns servers,my doubt is how to create a VPN account example: the informations i need to provide to create it,so i need my VPN address,and email,how do i do it? do i need to create an account in open dns server and use those information for VPN? thats what i need to know,if you or anyone could help me out i d be really thankful and im really apreciate your replies thats nice of you....
i really need an urgent help and vpn as being a temp solution...
Thx in advance
RR- EditadoDdos_Evader lunes, 06 de julio de 2009 13:26
- Marcado como respuestaDdos_Evader miércoles, 22 de julio de 2009 23:44
Todas las respuestas
Oka mistyped lotta stuff but anyways guess its clear enough to understand my doubts,the thing is :
Is there any registry entry to completely evade echo pings ? i mean specific ones? if desired i can post my tcp implementations so you guys may suggest anything for me to do....thx in advance
RR- Oka guys heres the thing,im trying to explain many things in a too short text guess thats why makes no sense or feels a bit lack of details seomtimes ,but what i need atm is an active tool such as anti spoof and others windows 7 compatible, i use a 3g dial up modem ppp connection so any suggestions is welcome ,it feels my post will not be answered so soon but i hope so...
thx in advance
RR If I understand you correctly, you have concerns about your Internet connection on Windows 7.
Windows 7 has Windows Firewall with advanced security built-in. The default configuration blocks all incoming traffic including Ping Echo requests.
You can enable logging on the firewall to collect information about blocked and/or allowed traffic. This should tell you if you have issues on your internet connection.
Windows Firewall with Advanced Security has a MMC console that can be started from the Windows Start Menu.
Ray- Hello Ray i think you got the point in parts,yes im having problems with echo requests but i blocked all types of icmp traffic and including incoming traffic as well, echo types such as 0,0 and 8,0 but the problem concerns in types of ddos attacks like Ping of death and others like overflow type of thing and ive implemented like tons of reg entries more than thousands but still every once in a while they succeed echo pings and yes i checked already the pfirewall.log a long ago and basicly they are aiming the 135 port which i cant close the most i can do in my small experience is set a reg-SZ key like ListenOnInternt = "N" but if i could close that thing would be great like more than half of my problems solved what im looking for is like for other layers of security.....
if anyone could get me a hand i apreciate it so much!!
thx in advance
RR - In case you are looking for 3rd party security tools to do intrusion protection I cannot be of any help.
Am I correct when you say that you cannot close port 135 for incoming traffic from the Internet? Windows Firewall allows you to create network profiles and define firewall rules for each profile. This setup allows you to close port 135 from the Internet and leave it open for connections on your home or corporate network.
For corporate security you can also have a look into IPSec isolation. This allows you to block all traffic coming from untrusted sources.
Ray - Hey Ray back again,ive created rules in my firewall such as isolation,tunneling and others but i didnt get when u said u can close the port 135 from firewall if its possible can you briefly explain it to me ?
ive read about creating a VPN connection makes it safer like an extra security layer for wireless connections is that true? if so i have a few questions for you or anyone whos reading this post, i wonder which services are needed to run a VPN(i disabled lots of unused services),and also if i have to allow LT2P and PPTP in my firewall rule to connect to it,and after those i need to know how to create a VPN account like VPN Mail and other things i dont remember since i looked last time(more than a year) i believe its gonna be easier for me now to create a VPN since ive been studying and acumulation background knowledge,if you or anyone cold post a mini tutorial for me i 'd be much apreciated like how to create VPN acounts(free ones) and all those things i mentioned!!
Thx in advance(thx ray for replying me)
and will be looking forward for other replies I actually still have no clue what you are trying to accomplish.
Are you under attack on the Internet?
Windows Firewall by default blocks incoming traffic. You can log the blocked traffic for analysis. If you want more than this you have to look for 3rd party intrusion prevention solutions.
Are you looking for more security on your wireless network?
VPN is an option but not the preferred solution. I think you better look for an 802.1x based access solution combined with NAP (Network Access Protection). This has less overhead, provides better performance and is more resiliant than a VPN.
What is the issue with port 135?
Why do you need to open port 135? If you are looking for alternatives have a look at WinRM. This is the new remote management scheme in Windows 7 that will replace RPC and requires only a single port. As port 135 is blocked by default in Windows Firewall I have no idea what you are looking for here.
Am I right when I think that you say that Windows 7 is not secure enough out of the box? If that is the case you better wait for the release of the Windows 7 Security Guide by Micrsoft (and the NSA). In the mean time you can have a look at the Windows Vista Security Guide at http://www.microsoft.com/Downloads/details.aspx?FamilyID=a3d1bbed-7f35-4e72-bfb5-b84a526c1565&displaylang=en.
Ray- Propuesto como respuestaVistaGuyRay lunes, 06 de julio de 2009 9:25
- Hi Ray,
oka let me try to explain it as a whole,maybe you're not understanding what im trying to say is due to a lack of information because im try9ing to write a book in 3 lines and im not completely answering your question sorry for that...
oka here i go if its possible to close port 135 i would love to (when i type netstat -a and hit enter there it shows its listening to it),other thing is yes im under heavy attacks, so in old times not too old i had a beef (sorry dunno other word for now english not my fisrt language as u see) with a kid which is hacker and knows lots of people including ppl in my internet provider,one thing i can mention is that they provide me wrong ip combination almost everytime i connect such as 189.0.12.15 things like that i mean not every time but sometimes.... so i need to get defense even against them, ive implemented a variety of security reg entries,such as dnscache,tcpip,netbt,afd and many many others,but they still succeed echo pings sometimes.....
blocking a port in firewall is not always the only solution know i mean?
oka i use internet 3G modem huawei e226 and i dont know if its possible to work with 802.1x in my internet the only authentication that is allowed from the server is PAP,im not an expert in security im just a victim of crime that had to work hard to even navigate coz in early times i could not even enter in a single web site due to ddos attacks that would freeze connections, so i use now the free OPEN DNS as dns servers,my doubt is how to create a VPN account example: the informations i need to provide to create it,so i need my VPN address,and email,how do i do it? do i need to create an account in open dns server and use those information for VPN? thats what i need to know,if you or anyone could help me out i d be really thankful and im really apreciate your replies thats nice of you....
i really need an urgent help and vpn as being a temp solution...
Thx in advance
RR- EditadoDdos_Evader lunes, 06 de julio de 2009 13:26
- Marcado como respuestaDdos_Evader miércoles, 22 de julio de 2009 23:44
