port blocks

Top Page
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: JoelDudleyjoel@silverw.com
Date:  
Subject: port blocks
That is usually my standard procedure. However, the thought of locking
everything down on our router is a bit scary to me. Just looking for some
common blocks off the top of peoples heads.

- Joel
----- Original Message -----
From: rleonard <>
To: <>
Sent: Tuesday, August 15, 2000 5:58 PM
Subject: Re: port blocks


> Why not SHUTDOWN EVERYTHING, then open only the required services after

you
> have patched/tweaked/tested your applications that you need open. Then

run
> your scans, have your buddies run thier scans and monitor log files. I

have
> invited various pluggers to scan networks that i'm on and in every case
> they've had excellent recommendations.
>
> ----- Original Message -----
> From: "Furmanek, Greg" <>
> To: <>
> Sent: Tuesday, August 15, 2000 5:01 PM
> Subject: RE: port blocks
>
>
> > run a scan on your machine. check open ports.
> > block any ports that you do not want to serve to
> > the internet. Read ALL security warnings on the
> > current web server application you are using.
> > BTW ( the most hit websites are running NT and IIS )
> >
> > The Wolf
> >
> > -> -----Original Message-----
> > -> From: [mailto:joel@silverw.com]
> > -> Sent: Tuesday, August 15, 2000 3:59 PM
> > -> To:
> > -> Subject: Re: port blocks
> > ->
> > ->
> > -> Exactly watson!!! Windows indeed!!
> > ->
> > -> - Joel
> > -> ----- Original Message -----
> > -> From: "Furmanek, Greg" <>
> > -> To: <>
> > -> Sent: Tuesday, August 15, 2000 3:53 PM
> > -> Subject: RE: port blocks
> > ->
> > ->
> > -> > 139??? You must be running windows....
> > -> >
> > -> > The Wolf
> > -> >
> > -> > -> -----Original Message-----
> > -> > -> From: [mailto:joel@silverw.com]
> > -> > -> Sent: Tuesday, August 15, 2000 3:25 PM
> > -> > -> To:
> > -> > -> Subject: Re: port blocks
> > -> > ->
> > -> > ->
> > -> > -> Well, actually, this is the router in front of our web
> > -> > -> servers. The only
> > -> > -> port I am currently blocking is tcp port 139.
> > -> > ->
> > -> > -> - Joel
> > -> > -> ----- Original Message -----
> > -> > -> From: "Furmanek, Greg" <>
> > -> > -> To: <>
> > -> > -> Sent: Tuesday, August 15, 2000 3:09 PM
> > -> > -> Subject: RE: port blocks
> > -> > ->
> > -> > ->
> > -> > -> > If you not serving to the internet block all from outside
> > -> > -> > and block all from inside except ports that are necessary.
> > -> > -> >
> > -> > -> > The Wolf
> > -> > -> >
> > -> > -> > -> -----Original Message-----
> > -> > -> > -> From: [mailto:joel@silverw.com]
> > -> > -> > -> Sent: Tuesday, August 15, 2000 2:52 PM
> > -> > -> > -> To:
> > -> > -> > -> Subject: port blocks
> > -> > -> > ->
> > -> > -> > ->
> > -> > -> > -> This is a multi-part message in MIME format.
> > -> > -> > ->
> > -> > -> > ->
> > -> > -> > -> ------=_NextPart_000_01C1_01C006C8.4D852090
> > -> > -> > -> Content-Type: text/plain;
> > -> > -> > -> charset="iso-8859-1"
> > -> > -> > -> Content-Transfer-Encoding: quoted-printable
> > -> > -> > ->
> > -> > -> > -> OK, I was trying to get an idea of standard port blocks for
> > -> > -> > -> security =
> > -> > -> > -> reasons to put in place on a router. I know that there is
> > -> > -> > -> no such thing =
> > -> > -> > -> as a standard set of port blocks, however, there
> > -> surely must
> > -> > -> > -> be a few =
> > -> > -> > -> port blocks that you security gnomes out there
> > -> keep fresh in
> > -> > -> > -> your memory =
> > -> > -> > -> as standard procedure. I will leave the can of
> > -> Mountain Dew
> > -> > -> > -> in front of =
> > -> > -> > -> me unopened as a sacrafice for this arcane
> > -> knowledge. Thanks.
> > -> > -> > ->
>
>
>
> ________________________________________________
> See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't

post to the list quickly and you use Netscape to write mail.
>
> Plug-discuss mailing list -
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>