Educause Security Discussion mailing list archives

Re: host based firewall for windows 2003 server?


From: Graham Toal <gtoal () UTPA EDU>
Date: Thu, 22 Jun 2006 08:25:27 -0500

What outgoing/incoming ports do other institutions block and why? 

INCOMING:

Block all incoming by default.

Open some ports (e.g. web, SMTP) to the specific servers
that need those ports.

Open a few 'safe' ports to all, such as SSH and remote desktop.

Block unencrypted mail fetching, force use of IMAPS etc.
(firewall less important here than how the server is configured)

Watch carefully and open up other incoming on a case by case
basis.


OUTGOING:

Leave all open by default.

Block specific ports you know will not be used, especially if
they are a vector for virus transmission (e.g. all Microsoft
ports - 137 etc., and SQL).

Block outgoing email (25) except from your smart mailer.

Block unencrypted outgoing FTP if you worry about data leaks.

Block outgoing POP3, IMAP etc. if you are a business and are
fully controlling use of email (though on Educause that's not
very likely).

Watch carefully and block other outgoing on a case by case basis.
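
The policy in the message above, written as a first-match rule table and run over sample flows so the blocked ones can be reviewed before enforcement. This is an added example, not part of the original post; the addresses, the flows and the exact port numbers chosen for "137 etc" and "sql" are assumptions.

```python
import ipaddress

CAMPUS = ipaddress.ip_network("192.0.2.0/24")   # constructed campus range
WEB, MAILER = "192.0.2.10", "192.0.2.25"        # constructed server addresses

# (direction, campus host or None for any, destination ports, action).
# First match wins, so the smart-mailer exception must precede the port 25 block.
RULES = [
    ("in",  WEB,    {80, 443},      "allow"),  # web, only to the web server
    ("in",  MAILER, {25, 993, 995}, "allow"),  # SMTP plus IMAPS/POP3S, no plain 110/143
    ("in",  None,   {22, 3389},     "allow"),  # ssh and remote desktop open to all
    ("out", MAILER, {25},           "allow"),  # smart mailer may send mail
    ("out", None,   {25},           "block"),  # no other host may
    ("out", None,   {135, 137, 138, 139, 445}, "block"),  # assumed reading of "137 etc"
    ("out", None,   {1433, 1434},   "block"),  # assumed reading of "sql" (MS SQL)
    ("out", None,   {21},           "block"),  # optional: unencrypted ftp
]
DEFAULT = {"in": "block", "out": "allow"}      # the two defaults from the post

def decide(src, dst, dport):
    """Return 'allow' or 'block' for a flow crossing the campus border."""
    src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if (src_ip in CAMPUS) == (dst_ip in CAMPUS):
        raise ValueError("flow does not cross the border")
    direction = "out" if src_ip in CAMPUS else "in"
    local = str(src_ip if direction == "out" else dst_ip)
    for rule_dir, host, ports, action in RULES:
        if rule_dir == direction and dport in ports and host in (None, local):
            return action
    return DEFAULT[direction]

def audit(flows):
    """Return the flows the policy would block, for review before enforcing it."""
    return [f for f in flows if decide(*f) == "block"]

# Constructed sample flows: (source, destination, destination port).
SAMPLE = [
    ("203.0.113.5", WEB, 443),            # web to the web server
    ("203.0.113.5", "192.0.2.77", 80),    # web to a desktop
    ("203.0.113.5", MAILER, 110),         # plain POP3
    (MAILER, "198.51.100.9", 25),         # smart mailer sending
    ("192.0.2.77", "198.51.100.9", 25),   # desktop sending mail directly
    ("192.0.2.77", "198.51.100.9", 443),  # ordinary outbound browsing
]

if __name__ == "__main__":
    for flow in audit(SAMPLE):
        print("blocked:", flow)
```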
