Re: Which ports to block?

From: steve (securityfocus_at_delahunty.com)
Date: 07/26/04

  • Next message: Gethin Jones: "Re: Minimum password requirements"
    To: "Ferino Mardo" <RMardo@ALJOMAIHBEV.com>, <security-basics@securityfocus.com>
    Date: Mon, 26 Jul 2004 15:10:10 -0400
    
    

    Yes, I would not stop at 1023, would block all the way up.

    You will likely need to allow 443 (SSL). Unless you only want un-encrypted
    HTTP traffic (80).

    Port 25 should really only be for your email server, not all employees.
    Same for DNS server on 53.

    ----- Original Message -----
    From: "Ferino Mardo" <RMardo@ALJOMAIHBEV.com>
    To: <security-basics@securityfocus.com>
    Sent: Saturday, July 24, 2004 4:03 AM
    Subject: Which ports to block?

    In setting up a "deny all" rule from a firewall, is it safe to block
    ports 0 to 65535 or only up to 1023? My interest are only to allow port
    53 udp, 25, and 80.

    ---------------------------------------------------------------------------
    Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
    any course! All of our class sizes are guaranteed to be 10 students or less
    to facilitate one-on-one interaction with one of our expert instructors.
    Attend a course taught by an expert instructor with years of in-the-field
    pen testing experience in our state of the art hacking lab. Master the
    skills
    of an Ethical Hacker to better assess the security of your organization.
    Visit us at:
    http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    ----------------------------------------------------------------------------

    ---------------------------------------------------------------------------
    Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
    any course! All of our class sizes are guaranteed to be 10 students or less
    to facilitate one-on-one interaction with one of our expert instructors.
    Attend a course taught by an expert instructor with years of in-the-field
    pen testing experience in our state of the art hacking lab. Master the skills
    of an Ethical Hacker to better assess the security of your organization.
    Visit us at:
    http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    ----------------------------------------------------------------------------


  • Next message: Gethin Jones: "Re: Minimum password requirements"

    Relevant Pages

    • RE: Cisco CSA
      ... Ethical Hacking at the InfoSec Institute. ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of ... pen testing experience in our state of the art hacking lab. ...
      (Security-Basics)
    • RE: Any reason not to use strcpy, strcat or scanf?
      ... Ethical Hacking at the InfoSec Institute. ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of in-the-field ... pen testing experience in our state of the art hacking lab. ...
      (Security-Basics)
    • RE: New Trojan?
      ... > Ethical Hacking at the InfoSec Institute. ... Attend a course taught by an expert instructor with years of ... pen testing experience in our state of the art hacking lab. ... to facilitate one-on-one interaction with one of our expert instructors. ...
      (Security-Basics)
    • RE: Wireless access
      ... Ethical Hacking at the InfoSec Institute. ... to facilitate one-on-one interaction with one of our expert instructors. ... pen testing experience in our state of the art hacking lab. ... Attend a course taught by an expert instructor with years of in-the-field ...
      (Security-Basics)
    • Re: antivirus for linux
      ... Ethical Hacking at the InfoSec Institute. ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of in-the-field ... pen testing experience in our state of the art hacking lab. ...
      (Security-Basics)