Educause Security Discussion mailing list archives
Re: Firewall - Outbound Ports
From: "Consolvo, Corbett D" <cc72 () TXSTATE EDU>
Date: Tue, 29 Jan 2008 10:55:46 -0600
Some suggestions:

SNMP
Microsoft networking (Netbios/445)
SMTP except for authorized mail servers
TFTP
Maybe IRC? (that ought to generate some remarks :) )

I certainly agree that upper-layer intelligence is also a great idea. To me filtering out some of the basic ports cuts down on a lot of the basic issues without too much loss in functionality.

Corbett Consolvo
Information Security Analyst
Texas State University

-----Original Message-----
From: Michael Hornung [mailto:hornung () WASHINGTON EDU]
Sent: Tuesday, January 29, 2008 10:48 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Firewall - Outbound Ports

If you're attempting to block certain activities, not just ports for their own sake -- I mean, what's wrong with the number 445 anyway? -- it would seem more effective to use layer7 packet filtering or shaping to accomplish your goals. Firewalling at layers 3/4 only encourages a place we don't want to be, the port 80 Internet.

___________________________________________________
Michael Hornung
UW Technology
hornung () washington edu
University of Washington

On Tue, 29 Jan 2008 at 09:48, Chris Golden wrote:

|I am in the process of deciding whether or not to change my firewall
|strategy for outbound ports. We allow gaming in the dorms and keeping up
|with all the games and their enormous port ranges is a huge time sink.
|I have polled some other schools and found that they do not block
|outbound ports however I feel like some need to be blocked. Which ports
|do you block outbound? Which ports do you recommend being blocked
|outbound (SMTP, NetBios, etc.)?
|
|Chris Golden, GCIH
|Coordinator of Network Services
|Lee University
|423.614.8020