This post will show you how to build an IPsec policy rule from the command line on your Windows Server 2003.
Let's say we want to block TCP port 80 to make internal web sites inaccessible. First of all we need to create the IPsec policy. To do it, open a command prompt and type:
netsh ipsec static add policy name="Block TCP port 80" description="Block any internal web sites"
The next step is to create a filter that matches the traffic. netsh adds it to the filter list named in filterlist= (creating that list if it does not exist yet). To create it, type:
netsh ipsec static add filter filterlist="80 TCP" srcaddr=any srcport=0 dstaddr=me dstport=80 protocol=tcp mirrored=yes
srcaddr – source address (any = all addresses)
srcport – source port (0 = any port)
dstaddr – destination address (me = this computer)
dstport – destination port
mirrored – yes makes the filter also match the reply traffic in the opposite direction
Next, let's create a filter action that blocks traffic. To do it, type:
netsh ipsec static add filteraction name=block action=block
Now we have all the components needed to build an IPsec policy rule: the policy, the filter list and the filter action. To build the rule, type:
netsh ipsec static add rule name="Block TCP 80" policy="Block TCP port 80" filterlist="80 TCP" filteraction="block"
The last step is to assign the policy so that its rule takes effect. Only one IPsec policy can be assigned on a computer at a time, so this replaces any policy that is already assigned. To do it, type:
netsh ipsec static set policy name="Block TCP port 80" assign=y
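Putting the steps together, as an added example that is not from the original post: a batch script that creates the same policy, adds a second, more specific filter so that port 80 stays reachable from one management subnet (10.0.0.0/24 is an assumed placeholder), assigns the policy and shows the result. The extra filter list, filter action and rule names are assumptions, not names from the post.

```batch
@echo off
rem Added example, not part of the original post. Run from a command prompt
rem on the Windows Server 2003 host. The management subnet is an assumed placeholder.
set POLICY=Block TCP port 80
set LIST_ALL=80 TCP
set LIST_MGMT=80 TCP from management
set MGMT_NET=10.0.0.0
set MGMT_MASK=255.255.255.0

rem 1. The policy that will hold the rules.
netsh ipsec static add policy name="%POLICY%" description="Block internal web sites except from the management subnet"

rem 2. Two filter lists. srcport=0 means any source port; dstaddr=me is this host.
netsh ipsec static add filter filterlist="%LIST_ALL%" srcaddr=any srcport=0 dstaddr=me dstport=80 protocol=tcp mirrored=yes
netsh ipsec static add filter filterlist="%LIST_MGMT%" srcaddr=%MGMT_NET% srcmask=%MGMT_MASK% srcport=0 dstaddr=me dstport=80 protocol=tcp mirrored=yes

rem 3. Filter actions: one that blocks, one that permits.
netsh ipsec static add filteraction name=block action=block
netsh ipsec static add filteraction name=permit action=permit

rem 4. Rules. IPsec applies the most specific matching filter, so the subnet
rem filter (permit) wins over the "any" filter (block) for management hosts.
netsh ipsec static add rule name="Block TCP 80" policy="%POLICY%" filterlist="%LIST_ALL%" filteraction=block
netsh ipsec static add rule name="Permit TCP 80 from management" policy="%POLICY%" filterlist="%LIST_MGMT%" filteraction=permit

rem 5. Assign the policy (only one IPsec policy is assigned at a time) and review it.
netsh ipsec static set policy name="%POLICY%" assign=y
netsh ipsec static show policy name="%POLICY%"

rem Roll back: unassign and delete the policy. The filter lists and filter actions
rem are separate objects; remove them with "delete filterlist" and "delete filteraction".
rem netsh ipsec static set policy name="%POLICY%" assign=n
rem netsh ipsec static delete policy name="%POLICY%"
```

After assigning, test from a host inside and one outside the management subnet to confirm that only the former can still open TCP port 80.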
This post will show you how to change the binding order of network adapters on your Windows server. Usually you have several network adapters that are connected to different networks. You may also have a program that uses only the first connection in the network connections list, and you want to make sure that a particular network connection is at the top of that list. Let's check how we can change the priority in this list.
To change the binding order of network adapters, click Start > Run, type ncpa.cpl and press OK.
In the "Network Connections" window, open the Advanced menu and click "Advanced Settings".
On the "Adapters and Bindings" tab, under "Connections", you'll see all your network connections. To change the priority order, select the desired network connection and use the arrows on the right to move it up or down in the priority list.
This post will show you how to disable NetBIOS over TCP/IP on your Windows Server 2003. NetBIOS over TCP/IP is a must for legacy Windows operating systems (pre-Windows 2000) and for applications that rely on NetBIOS name resolution. If you don't have any of these, you can get rid of NetBIOS in a few clicks, which also stops the server listening on the NetBIOS ports (UDP 137 and 138, TCP 139).
To disable NetBIOS over TCP/IP, click Start > Settings > Network Connections. Right-click the desired network adapter and select Properties. Select "Internet Protocol (TCP/IP)" on the "General" tab and press "Properties". Now press "Advanced" on the "General" tab. Select the "WINS" tab in the "Advanced TCP/IP Settings" window. Under "NetBIOS setting", select "Disable NetBIOS over TCP/IP" and press OK twice.
This post will show you how to check whether a remote port is listening for incoming connections. Let's say we want to query a server named "testserver" to check whether TCP port 3389 (Remote Desktop connection) is listening. Open a command prompt and type:
portqry /n testserver /p TCP /e 3389
PortQry reports the port as LISTENING, NOT LISTENING, or FILTERED (no reply at all, typically because a firewall is dropping the probe). Note that portqry is part of the Windows Server 2003 Support Tools, which can be found on your OS CD (Support\Tools directory).
If you want to capture network traffic on your Windows Server 2003, this how-to shows you the way. For this we can use netcap, a handy utility from the Windows Support Tools. The first time it runs, this tool installs the Network Monitor driver on your server. Let's say we want to capture traffic for 15 minutes and save the capture to D:\monitoring\capture.cap. Note that netcap's /c: switch names the capture file, while /f: expects a Network Monitor capture filter file instead. Open a command prompt and type:
netcap /c:D:\monitoring\capture.cap /l:00:15:00
If you want to get rid of the Network Monitor driver after you've finished the traffic capture, open a command prompt and type:
netcap /remove
Note that netcap is part of the Windows Server 2003 Support Tools, which can be found on your OS CD (Support\Tools directory).