RE: trusted & untrusted ports

["David Fore" <wdfore () ev1 net>]

The key here is to open only what you need. Everything else is closed by
default. Here is a link to a paper I wrote on this subject. It's more
procedural, than technical. However, I think you will get the idea.

http://www.giac.org/practical/GSEC/William_Fore_GSEC.pdf

Regards,
David
PGP 0xA19B5C17 (pubkey: ldap://keyserver.pgp.com)

-----Original Message-----
From: Meidinger Chris [mailto:chris.meidinger () badenit de] 
Sent: Tuesday, November 11, 2003 1:59 AM
To: Hilal Hussein; security-basics () securityfocus com
Subject: AW: trusted & untrusted ports


1. General rule: close everything and then open what you need 2. web
applications work the same as everything else. they are usually on port
80, but you can put them on any port. they are alse
client(browser)/server(httpd) applications; in fact they tend to be the
most common client/server applications. 3. take a look at 'INSIDE
Network Perimeter Security' by
Northcutt/Zeltser/Winters/Frederick/Ritchey - this book will help you
make informed decisions about when and how to open holes in your network
border.


-----Ursprüngliche Nachricht-----
Von: Hilal Hussein [mailto:hilalma () hotmail com] 
Gesendet: Sonntag, 9. November 2003 08:19
An: security-basics () securityfocus com
Betreff: trusted & untrusted ports



Dear List,

I would like to open ports in my firewall so that i can access some
applications out of my network. consequently, I have two questions:

1 - How I can Identify trusted ports vs. Untrusted ports ? assuming
trust is directly concern with the security prespective (include virus,
worms, hack, ...).

2 - corret me from wrong please. "There are two types of applications:
web application (access through the http port), and client/server
application (access through a defined port should be opened on the
internet gateway).

your feedback and respond are highly appreciated.

honeslty, I am getting very good information out of this email list, so
hopefully the answers will be benifitial to me and other members will to
improve their knowledge base.

regards,

Hilal

_________________________________________________________________
STOP MORE SPAM with the new MSN 8 and get 2 months FREE*
http://join.msn.com/?page=features/junkmail


------------------------------------------------------------------------
---
Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE
The Presidio integrates PGP data encryption and XML Web Services
security to

simplify the management and deployment of PGP and reduce overall PGP
costs 
by up to 80%.
FREE WHITEPAPER & 30 Day Trial - 
http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027

------------------------------------------------------------------------
----

------------------------------------------------------------------------
---
Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE
The Presidio integrates PGP data encryption and XML Web Services
security to 
simplify the management and deployment of PGP and reduce overall PGP
costs 
by up to 80%.
FREE WHITEPAPER & 30 Day Trial - 
http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027

------------------------------------------------------------------------
----



---------------------------------------------------------------------------
Forum Systems PRESIDIO: PGP / XML GATEWAY APPLIANCE
The Presidio integrates PGP data encryption and XML Web Services security to
simplify the management and deployment of PGP and reduce overall PGP costs
by up to 80%.
FREE WHITEPAPER & 30 Day Trial -
http://www.securityfocus.com/sponsor/ForumSystems_security-basics_031027
----------------------------------------------------------------------------