All, I'm working for a large school and we are deploying a new AD Forest. By policy, they don't have firewalls between their internal network and their external network, but rather only have firewalls implemented on each server. The reason for this is that they are more concerned with their internal users (the students) than any host out on the Internet.
When deploying AD, we came up with an issue with using the Windows firewall on the AD servers. After more research, we found out that Microsoft does not recommend using the Windows firewall on AD servers. The issue has to do with limiting the RPC ports. The MS KB articles that we found specify to open 100 RPC ports but this does not seem to be enough.
Has anyone had to deploy a FW on an AD DC in a large domain/forest? If so, how did you manage the RPC settings and which FW did you use?
Thanks so much for your help!
Dhoupt613 (at) gmail dot com
On 2/5/08, Yousef Syed <email@example.com> wrote:
> I need some advice.
> I'm currently staying in an apartment complex that provides free
> wireless Internet access.
> The access has zero crypto - not even WEP.
> What can I do on my own Laptops (Mac OS X and Windows XP Pro) to make
> my browsing/internet usage more secure? I also want to ensure that no
> one else on the network is entering my systems.
> The Windows Laptop already has Kaspersky Internet Security and various
> spyware/adware checkers etc
> Yousef Syed
-- Sent from Gmail for mobile | mobile.google.com