Security Basics mailing list archives
RE: Which ports to block?
From: "Ferino Mardo" <RMardo () ALJOMAIHBEV com>
Date: Tue, 27 Jul 2004 12:24:29 +0300
Hey there Hamish,

Nope, I will not be running any web servers, just mail servers and web surfers. I should add port 443 (https) to my list; thanks, Steve, for pointing that out.

-----Original Message-----
From: Hamish Stanaway [mailto:koremeltdown () hotmail com]
Sent: Tuesday, July 27, 2004 12:05 PM
To: Ferino Mardo; security-basics () securityfocus com
Subject: RE: Which ports to block?

Hi there Ferino,

It sounds as though you are running a web server from this box - please forgive me if I am wrong.

If this server is a shared web hosting situation (e.g. a web hosting provider), it would be better to block all ports other than the ones you intend to use. The reason I say this is because users can run things you may not want off them, e.g. IRC bots, DDoS tools etc.

If the server is for your own personal use/the server has one user, I would still suggest blocking all ports except those that you are using. The reason I say this is that it offers one more level of protection that a potential intruder has to go around should the box be compromised (e.g. a hacker/cracker exploits some software you were too slow to patch or a 0day exploit was used, blocking that outgoing port might be one way that could stop a rootkit should they try to use one).

This will not stop all hackers/crackers, but it is a good way to slow them down, or discourage the less knowledgeable ones.

Please feel free to correct me if I am wrong, I am always open to learn something new.

Kindest of regards,

Hamish Stanaway, CEO
Absolute Web Hosting / -= KoRe WoRkS Internet Security
Auckland, New Zealand
http://www.webhosting.net.nz
http://www.buywebhosting.co.nz
http://www.koreworks.com
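
The default-deny approach discussed in this thread, sketched for a box that runs mail and has users browsing the web. This is an added example, not part of either poster's message; the port lists (25, 53, 80, plus the 443 mentioned above) and the function names `gen_rules` and `egress_allowed` are assumptions. It only prints iptables commands for review and does not apply them.

```shell
#!/bin/sh
# Added example: print (do not apply) a default-deny ruleset, inbound and outbound.
# Port lists below are assumed for a mail server whose users also surf the web.
IN_TCP="25"              # inbound: SMTP only
OUT_TCP="25 53 80 443"   # outbound: SMTP, DNS over TCP, HTTP, HTTPS
OUT_UDP="53"             # outbound: DNS lookups

gen_rules() {
    # Drop anything not explicitly allowed, in every direction.
    echo "iptables -P INPUT DROP"
    echo "iptables -P FORWARD DROP"
    echo "iptables -P OUTPUT DROP"
    # Loopback traffic and replies to connections that were already allowed.
    echo "iptables -A INPUT -i lo -j ACCEPT"
    echo "iptables -A OUTPUT -o lo -j ACCEPT"
    echo "iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    echo "iptables -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    for p in $IN_TCP; do
        echo "iptables -A INPUT -p tcp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
    for p in $OUT_TCP; do
        echo "iptables -A OUTPUT -p tcp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
    for p in $OUT_UDP; do
        echo "iptables -A OUTPUT -p udp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
    # Log what the egress policy is about to drop: an unexpected outbound
    # connection attempt from a server is worth investigating.
    echo "iptables -A OUTPUT -m limit --limit 5/min -j LOG --log-prefix 'EGRESS-DROP: '"
}

# egress_allowed PROTO PORT: exit status 0 if the generated ruleset
# permits a new outbound connection to that port.
egress_allowed() {
    gen_rules | grep -q -e "-A OUTPUT -p $1 --dport $2 "
}

gen_rules
```

With these lists an outbound HTTPS connection is permitted, while something like an IRC bot connecting out on TCP 6667 falls through to the OUTPUT DROP policy and is logged.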