[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] IP Forwarding & NG & securing Win2000
As another list member mentioned, you enable routing via the registry. We learned from CP that using the RRAS to turn on routing doesn't work for FW-1. Here is the gist of the instructions: 4. Open the registry from command line by running the command "regedit" 5. Go to -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentContralSet\Services\Tcpip\Parameters 6. Change the value to "1" in the Dword key "IPEnableRouter" 7. Restart the machine I asked the same questioning about hardening Win2K recently and got these links as recommendations: http://nsa1.www.conxion.com/win2k/index.html http://www.systemexperts.com/tutors/hardenWin2K (someone else posted this today as well) http://nsa1.www.conxion.com/win2k/index.html http://csrc.nist.gov/itsec/guidance_W2Kpro.html#supporting_docs http://www.systemexperts.com/win2k/hardenW2K12.pdf http://www.shebeen.com/w2k/ http://online.securityfocus.com/infocus/1296 http://www.rtek2000.com/Tech/InternetSecureLinks.html#hard The rtek site above has links to about anything security related you could ask for. I found a lot about hardening the OS on this site. That should get you started on the hardening thing. Turning off the workstation service is definitely a good thing. >>> [email protected] 05/14/02 08:01PM >>> > In an effort to secure our FW-1 firewall running on Win2000 I disabled the Workstation service. Further reading leads me to believe that I need to turn on IP Forwarding, which is part of the Routing and Remote Access Service? In my case RRAS is also off and when I tried to launch the RRAS GUI it complained that the Workstation service was not running. > > What am I doing wrong? > > I have found documents referring to securing WinNT, but none about securing Win2000. Can you direct me to one? > > Greg Schumacher > Computer Guy > DDB Seattle >Voice >Fax > www.ddbseattle.com ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|