Security Basics mailing list archives

Re: Which ports to block?

From: "steve" <securityfocus () delahunty com>
Date: Mon, 26 Jul 2004 15:10:10 -0400

Yes, I would not stop at 1023, would block all the way up.

You will likely need to allow 443 (SSL).  Unless you only want un-encrypted
HTTP traffic (80).

Port 25 should really only be for your email server, not all employees.
Same for DNS server on 53.


----- Original Message ----- 
From: "Ferino Mardo" <RMardo () ALJOMAIHBEV com>
To: <security-basics () securityfocus com>
Sent: Saturday, July 24, 2004 4:03 AM
Subject: Which ports to block?


In setting up a "deny all" rule from a firewall, is it safe to block
ports 0 to 65535 or only up to 1023? My interest are only to allow port
53 udp, 25, and 80.

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the
skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------



---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------

Current thread:

Which ports to block? Ferino Mardo (Jul 26)
- Re: Which ports to block? mike (Jul 26)
- RE: Which ports to block? Ed Spencer (Jul 26)
- Re: Which ports to block? steve (Jul 26)
- Re: Which ports to block? VHP3 (Jul 27)
- <Possible follow-ups>
- RE: Which ports to block? Barber, Chris Mr. ATEC/Contractor (Jul 26)
- RE: Which ports to block? Hamish Stanaway (Jul 27)
- RE: Which ports to block? Ferino Mardo (Jul 27)
- RE: Which ports to block? Majed Mohammed Ayoub Al-Shodari (Jul 27)