impala Posted December 17, 2005 Report Share Posted December 17, 2005 I started with Retrospect client 6.0.110 and WindowsXP Pro SP2 The client had a tool to open the windows firewall for retrospect, and did so automatically. Problem is, it opens port 497 to the world. That permits the possibility someone in the world could hack your port 497 and steal your data or take over your comptuer. Better than being broken, but not a great idea. Also, the client adds the firewall exception in a way that doesn't show up in the general Programs and Services list of the Exceptions tab of the Windows Firewall gui. To find the modification, you have to open the Advanced tab, select a specific Connection, and click Settings... The same Services will show up for each Connection from the windows command line you can see this using: Code: netsh firewall show portopening I wanted to restrict the access to the port 497, so after installing the client, I used these commands in a batch file: Code: netsh firewall delete portopening protocol = TCP port = 497 interface = "Local Area Connection" netsh firewall add portopening ALL 497 retrospect enable custom 172.19.112.0/255.255.255.0 (my retrospect backup server has a DHCP'ed address on 172.19.112.*) This restricts access to port 497 to only computers on the same subnet as my retropsect server. It would be even safer to restrict access to only my retrospect server and no other machine. But, what if I someday have a second server? Also, it shows the exception in the normal Exception tab mentioned above. Then I used the .rcu file to update to Retrospect client 6.5.136 it opened the firewall to the world again, this time with both TCP and UDP protocols. So, I had to add a second command to delete the UDP protocol: Code: netsh firewall delete portopening protocol = UDP port = 497 interface = "Local Area Connection" netsh firewall delete portopening protocol = TCP port = 497 interface = "Local Area Connection" IT DIDN'T WORK! Apparently the 6.5.136 version of retfwset.exe sets the UDP port in a strange way because it displays wierdly in the command-line configuration: Code: C:\>netsh firewall show portopening Port configuration for Local Area Connection: Port Protocol Mode Name ------------------------------------------------------------------- 497 TCP Enable Retrospect Client 497 (nu Enable Retrospect Client [uDP] WTF is (nu ?!? I cannot delete the supposed UDP port with the command in the batch file. The only way to delete this thing is through the GUI; where it does seem to show properly. DANTZ needs to fix their retfwset.exe or go back to the 6.0.110 version. Link to comment Share on other sites More sharing options...
natew Posted December 22, 2005 Report Share Posted December 22, 2005 Hi retsetfw should not run when you update using an rcu file. Did it pop up on your system after you updated? Thanks Nate Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.