2

We have a misbehaving daemon running on one of our Windows 2003 Servers. It telnets into localhost:5115

I have a feeling that if I can stop it from telnetting into localhost I can get it to fail gracefully.

Any ideas how I can block localhost port 5115? I'm guessing no, because the loopback adapter is not a 'real' adapter as it is in *nix.

OS is Windows Server 2003 R2

Mark Henderson
  • 68,316
  • 31
  • 175
  • 255
  • This sounds very much like a band-aid solution. Why not fix or replace the problematic process? – John Gardeniers Jan 18 '11 at 04:14
  • @John - Absolutally correct - it's a bad solution, and a bandaid, but it's pretty much my only option at the moment. It's a 10-year-old piece of software, and we do have the latest version but the work involved in upgrading is outside of my available time at the moment. – Mark Henderson Jan 18 '11 at 04:17
  • 1
    is there anything responding on that port? If there is can you stop that process? Alternatively, perhaps you could create a dummy one to do so and hopefully satisfy the problem process. Poking around the Windows firewall sure doesn't look too promising. – John Gardeniers Jan 18 '11 at 04:24
  • @John - yeah, there's a process running on that port already but maybe I could stop that process, start another one on the same port, and then start the original process - that way it won't be able to bind to the port... – Mark Henderson Jan 18 '11 at 04:29
  • Ditto what John said, also if you use cygwin netcat `nc -l -p 5115` you can see what the daemon is sending and maybe then even configure it to respond that causes the graceful failure. (assuming it's a legible protocol...) – SmallClanger Jan 18 '11 at 18:02

1 Answers1

1

Well I guess you can install a firewall software to block the specified port. Or you can go into the TCP/IP properties to enable TCP filtering - and specify the allowed ports which will not include your misbehaving port.

cwheeler33
  • 764
  • 2
  • 5
  • 16
  • 2
    I've never seen a Windows firewall software that allows you to block on `localhost`, as `localhost` is not a recognised adapter. Any suggestions on which one I can try? Same goes for TCP/IP filtering - the localhost adapter doesn't really "exist" – Mark Henderson Jan 18 '11 at 05:22
  • gimme a day or two to confirm this. I have to build a win2003 test machine for something else anyway. – cwheeler33 Jan 18 '11 at 19:01