8

I've just purchase a Windows Server 2008 R2 VPS plan and I was alarmed to see the default configuration had Windows firewall disabled. I've enabled the firewall and disabled most of the inbound rules, but I have some uncertainty about the rules in the Core Networking category. I know that I don't want DHCP in, so I've disabled both the IP4 and IP6 versions, but I'm at a loss for the other entries in this category:

IGMP
IPHTTPS
IPv6
Multicast Listener Done, Query, Report and Report v2
Neighbor Discovery Advertisement and Solicitation
Packet Too Big
Parameter Problem
Router Advertisement
Router Solicitation
Teredo
Time Exceeded

The only planned inbound connections for this server are HTTP, HTTPS, and RDP, so my preference is to disable all of these rules. However, I want to make sure this isn't going to cause any unexpected problems.

Paul Keister
  • 243
  • 3
  • 8

2 Answers2

6

You absolutely should leave these on ...

  • Packet Too Big

  • Parameter Problem

  • Time Exceeded

You absolutely should leave these on if you are going do be doing any IPv6

  • IPv6

  • Multicast Listener Done, Query, Report and Report v2

  • Neighbor Discovery Advertisement and Solicitation

  • Router Advertisement

  • Router Solicitation

And I would disable these ...

  • IPHTTPS

  • Teredo

  • IGMP (unless your doing IPv4 multicasting)

Mike F
  • 340
  • 1
  • 6
  • I have some time to explain my answer ... "Packet Too Big" is required for PMTUD and if you drop this packet a small number of your users, particularly if they connect via vpn's or tunnels, may not be able to connect to your site. – Mike F Jul 19 '11 at 18:04
1

You're good in blocking the others as they are mainly internetworking protocols with other networking equipment.

user48838
  • 7,393
  • 2
  • 17
  • 14