port blocks

rleonard rleonard@aprnet.com
Tue, 15 Aug 2000 17:58:27 -0700 

Why not SHUTDOWN EVERYTHING, then open only the required services after you
have patched/tweaked/tested your applications that you need open.   Then run
your scans, have your buddies run thier scans and monitor log files.  I have
invited various pluggers to scan networks that i'm on and in every case
they've had excellent recommendations.

----- Original Message -----
From: "Furmanek, Greg" <Greg.Furmanek@hit.cendant.com>
To: <plug-discuss@lists.PLUG.phoenix.az.us>
Sent: Tuesday, August 15, 2000 5:01 PM
Subject: RE: port blocks


> run a scan on your machine. check open ports.
> block any ports that you do not want to serve to
> the internet.  Read ALL security warnings on the
> current web server application you are using.
> BTW ( the most hit websites are running NT and IIS )
>
> The Wolf
>
> -> -----Original Message-----
> -> From: joel@silverw.com [mailto:joel@silverw.com]
> -> Sent: Tuesday, August 15, 2000 3:59 PM
> -> To: plug-discuss@lists.PLUG.phoenix.az.us
> -> Subject: Re: port blocks
> ->
> ->
> -> Exactly watson!!!  Windows indeed!!
> ->
> -> - Joel
> -> ----- Original Message -----
> -> From: "Furmanek, Greg" <Greg.Furmanek@hit.cendant.com>
> -> To: <plug-discuss@lists.PLUG.phoenix.az.us>
> -> Sent: Tuesday, August 15, 2000 3:53 PM
> -> Subject: RE: port blocks
> ->
> ->
> -> > 139???  You must be running windows....
> -> >
> -> > The Wolf
> -> >
> -> > -> -----Original Message-----
> -> > -> From: joel@silverw.com [mailto:joel@silverw.com]
> -> > -> Sent: Tuesday, August 15, 2000 3:25 PM
> -> > -> To: plug-discuss@lists.PLUG.phoenix.az.us
> -> > -> Subject: Re: port blocks
> -> > ->
> -> > ->
> -> > -> Well, actually, this is the router in front of our web
> -> > -> servers.  The only
> -> > -> port I am currently blocking is tcp port 139.
> -> > ->
> -> > -> - Joel
> -> > -> ----- Original Message -----
> -> > -> From: "Furmanek, Greg" <Greg.Furmanek@hit.cendant.com>
> -> > -> To: <plug-discuss@lists.PLUG.phoenix.az.us>
> -> > -> Sent: Tuesday, August 15, 2000 3:09 PM
> -> > -> Subject: RE: port blocks
> -> > ->
> -> > ->
> -> > -> > If you not serving to the internet block all from outside
> -> > -> > and block all from inside except ports that are necessary.
> -> > -> >
> -> > -> > The Wolf
> -> > -> >
> -> > -> > -> -----Original Message-----
> -> > -> > -> From: joel@silverw.com [mailto:joel@silverw.com]
> -> > -> > -> Sent: Tuesday, August 15, 2000 2:52 PM
> -> > -> > -> To: Plug-discuss@lists.PLUG.phoenix.az.us
> -> > -> > -> Subject: port blocks
> -> > -> > ->
> -> > -> > ->
> -> > -> > -> This is a multi-part message in MIME format.
> -> > -> > ->
> -> > -> > ->
> -> > -> > -> ------=_NextPart_000_01C1_01C006C8.4D852090
> -> > -> > -> Content-Type: text/plain;
> -> > -> > -> charset="iso-8859-1"
> -> > -> > -> Content-Transfer-Encoding: quoted-printable
> -> > -> > ->
> -> > -> > -> OK, I was trying to get an idea of standard port blocks for
> -> > -> > -> security =
> -> > -> > -> reasons to put in place on a router.  I know that there is
> -> > -> > -> no such thing =
> -> > -> > -> as a standard set of port blocks, however, there
> -> surely must
> -> > -> > -> be a few =
> -> > -> > -> port blocks that you security gnomes out there
> -> keep fresh in
> -> > -> > -> your memory =
> -> > -> > -> as standard procedure.  I will leave the can of
> -> Mountain Dew
> -> > -> > -> in front of =
> -> > -> > -> me unopened as a sacrafice for this arcane
> -> knowledge. Thanks.
> -> > -> > ->