Security Basics mailing list archives

RE: Which ports to block?


From: "Ferino Mardo" <RMardo () ALJOMAIHBEV com>
Date: Tue, 27 Jul 2004 12:24:29 +0300

Hey there Hamish,

Nope, I will not be running any web servers, just mail servers and web
surfers. I should add port 443 (https) to my list; thanks Steve for
pointing that out.



-----Original Message-----
From: Hamish Stanaway [mailto:koremeltdown () hotmail com] 
Sent: Tuesday, July 27, 2004 12:05 PM
To: Ferino Mardo; security-basics () securityfocus com
Subject: RE: Which ports to block?


Hi there Ferino,

It sounds as though you are running a web server from this box - please
forgive me if I am wrong.
If this server is a shared web hosting situation (e.g. a web hosting
provider), it would be better to block all ports other than the ones you
intend to use. The reason I say this is because users can run things you
may not want off them, e.g. IRC bots, DDoS tools etc.
If the server is for your own personal use/the server has one user, I
would still suggest blocking all ports except those that you are using.
The reason I say this is that it offers one more level of protection
that a potential intruder has to go around should the box be compromised
(e.g. a hacker/cracker exploits some software you were too slow to patch
or a 0day exploit was used, blocking that outgoing port might be one way
that could stop a rootkit should they try to use one). This will not
stop all hackers/crackers, but it is a good way to slow them down, or
discourage the less knowledgeable ones.
Please feel free to correct me if I am wrong, I am always open to learn
something new.

Kindest of regards,

Hamish Stanaway, CEO

Absolute Web Hosting / -= KoRe WoRkS Internet Security 
Auckland, New Zealand

http://www.webhosting.net.nz
http://www.buywebhosting.co.nz
http://www.koreworks.com


