port blocks

Joel Dudley joel@silverw.com
Tue, 15 Aug 2000 15:24:30 -0700


Well, actually, this is the router in front of our web servers.  The only
port I am currently blocking is tcp port 139.

- Joel
----- Original Message -----
From: "Furmanek, Greg" <Greg.Furmanek@hit.cendant.com>
To: <plug-discuss@lists.PLUG.phoenix.az.us>
Sent: Tuesday, August 15, 2000 3:09 PM
Subject: RE: port blocks


> If you not serving to the internet block all from outside
> and block all from inside except ports that are necessary.
>
> The Wolf
>
> -> -----Original Message-----
> -> From: joel@silverw.com [mailto:joel@silverw.com]
> -> Sent: Tuesday, August 15, 2000 2:52 PM
> -> To: Plug-discuss@lists.PLUG.phoenix.az.us
> -> Subject: port blocks
> ->
> ->
> -> This is a multi-part message in MIME format.
> ->
> ->
> -> ------=_NextPart_000_01C1_01C006C8.4D852090
> -> Content-Type: text/plain;
> -> charset="iso-8859-1"
> -> Content-Transfer-Encoding: quoted-printable
> ->
> -> OK, I was trying to get an idea of standard port blocks for
> -> security =
> -> reasons to put in place on a router.  I know that there is
> -> no such thing =
> -> as a standard set of port blocks, however, there surely must
> -> be a few =
> -> port blocks that you security gnomes out there keep fresh in
> -> your memory =
> -> as standard procedure.  I will leave the can of Mountain Dew
> -> in front of =
> -> me unopened as a sacrafice for this arcane knowledge. Thanks.
> ->
> -> - Joel
> -> -------------------------------------------------------------
> -> ------------=
> -> ---
> -> "For the scientist who has lived by his faith in the power
> -> of reason, =
> -> the
> -> story ends like a bad dream. He has scaled the mountains of
> -> ignorance; =
> -> he is
> -> about to conquer the highest peak; as he pulls himself over
> -> the final =
> -> rock,
> -> he is greeted by a band of theologians who have been sitting
> -> there for
> -> centuries."
> ->
> -> - Dr. Robert Jastrow
> ->         Founder of NASA"s Goddard Institute for space studies
> ->
> ->
> ->
> -> ------=_NextPart_000_01C1_01C006C8.4D852090
> -> Content-Type: text/html;
> -> charset="iso-8859-1"
> -> Content-Transfer-Encoding: quoted-printable
> ->
> -> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
> -> <HTML><HEAD>
> -> <META http-equiv=3DContent-Type content=3D"text/html; =
> -> charset=3Diso-8859-1">
> -> <META content=3D"MSHTML 5.50.4134.600" name=3DGENERATOR>
> -> <STYLE></STYLE>
> -> </HEAD>
> -> <BODY bgColor=3D#ffffff>
> -> <DIV><FONT face=3DArial size=3D2>OK, I was trying to get an idea of =
> -> standard port=20
> -> blocks for security reasons to put in place on a
> -> router.&nbsp; I know =
> -> that there=20
> -> is no such thing as a standard set of port blocks, however,
> -> there surely =
> -> must be=20
> -> a few port blocks&nbsp;that you security gnomes out there
> -> keep fresh in =
> -> your=20
> -> memory as standard procedure.&nbsp; I will leave the can of
> -> Mountain Dew =
> -> in=20
> -> front of me unopened as a sacrafice for this arcane knowledge.=20
> -> Thanks.</FONT></DIV>
> -> <DIV><FONT face=3DArial size=3D2></FONT>&nbsp;</DIV>
> -> <DIV><FONT face=3DArial size=3D2>- Joel</FONT></DIV>
> -> <DIV><FONT face=3DArial=20
> -> size=3D2>----------------------------------------------------
> -> ------------=
> -> ------------<BR>"For=20
> -> the scientist who has lived by his faith in the power of reason, =
> -> the<BR>story=20
> -> ends like a bad dream. He has scaled the mountains of ignorance; he =
> -> is<BR>about=20
> -> to conquer the highest peak; as he pulls himself over the final =
> -> rock,<BR>he is=20
> -> greeted by a band of theologians who have been sitting there=20
> -> for<BR>centuries."</FONT></DIV>
> -> <DIV>&nbsp;</DIV>
> -> <DIV><FONT face=3DArial size=3D2>- Dr. Robert=20
> -> Jastrow<BR>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
> -> Founder of NASA"s =
> -> Goddard=20
> -> Institute for space studies</FONT></DIV>
> -> <DIV>&nbsp;</DIV>
> -> <DIV><FONT face=3DArial size=3D2></FONT>&nbsp;</DIV></BODY></HTML>
> ->
> -> ------=_NextPart_000_01C1_01C006C8.4D852090--
> ->
> ->
> -> ________________________________________________
> -> See http://PLUG.phoenix.az.us/navigator-mail.shtml if your
> -> mail doesn't post to the list quickly and you use Netscape
> -> to write mail.
> ->
> -> Plug-discuss mailing list  -  Plug-discuss@lists.PLUG.phoenix.az.us
> -> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
> ->
>
> ________________________________________________
> See http://PLUG.phoenix.az.us/navigator-mail.shtml if your mail doesn't
post to the list quickly and you use Netscape to write mail.
>
> Plug-discuss mailing list  -  Plug-discuss@lists.PLUG.phoenix.az.us
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss