Re: What remote ports should I allow for IE ?
From: Don Kelloway (dkelloway_at_commodon.com)
Date: 09/30/04
- Next message: Don Kelloway: "Re: are these copies of svchost.exe legitimate"
- Previous message: morganlast: "are these copies of svchost.exe legitimate"
- In reply to: Brendan DJ Murphy: "What remote ports should I allow for IE ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 30 Sep 2004 00:31:41 GMT
"Brendan DJ Murphy" <brendan@cpac.REMOVE.org.uk> wrote in message
news:cjeega$hid$1$8300dec7@news.demon.co.uk...
> Whats the best way to configure a firewall for Internet Browsing?
>
> My Kerio rule is set to allow the following:
>
> Protocol TCP(Out)
> Local Port: Any
> Remote address: Any
> Remote Port: Any
> Application: c:\.....\iexplore.exe
>
> In other words, Internet Explorer is allowed to talk to anything it likes
> on any port.
>
> Again, similar to an earlier post, how can I tighten this down. It
> looks too "open" for my liking.
>
> I could add a list of remote ports
> eg: 80, 8080, 443(for secure https) etc
>
> What is the recommended list of remote ports to allow for IE?
>
At a minimum you will need to allow TCP ports 80 and 443 outbound. These
two ports will provide the ability to visit the websites of a high majority,
if not all companies which offer an Internet presence. For websites which
are being hosted on a port other than the standard TCP port 80 you will
probably want to add ports 8000, 8080 and 9000 which are the most common
secondary webserver ports.
-- Best regards, from Don Kelloway of Commodon Communications Visit http://www.commodon.com to learn about the "Threats to Your Security on the Internet".
- Next message: Don Kelloway: "Re: are these copies of svchost.exe legitimate"
- Previous message: morganlast: "are these copies of svchost.exe legitimate"
- In reply to: Brendan DJ Murphy: "What remote ports should I allow for IE ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
