Educause Security Discussion mailing list archives
Re: Residence Halls network security
From: Gary Flynn <flynngn () JMU EDU>
Date: Thu, 27 Aug 2009 14:17:24 -0400
At Internet border: All inbound TCP SYN packets from the Internet. All outbound SMTP connections to the Internet. At student borders: 137/138/139/445/593 in/outbound msrpc 135 in/outbound snmp 161 (udp) in/outbound tftp 69 (udp) outbound sqlserver 1434 (udp) out/inbound echo (udp) in/outbound 19 (udp) outbound syslog 514 (udp) outbound bootpc outbound icmp redirect outbound icmp router advertisement outbound spoofed IPs outbound IRC outbound These were very effective and necessary for reducing compromises several years ago. Much less so today. Today's compromises are primarily through web borne malware and exploits rather than direct network connections. Infected systems call out (BOTS) rather than wait for connections (Trojan servers). And better host firewalls and automatic update mechanisms reduce the attack surface for malicious network connections. Gary Flynn Security Engineer James Madison University www.jmu.edu/computing/security <reply top posted thanks to Microsoft Outlook>
-----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Plesco, Todd Sent: Thursday, August 27, 2009 12:17 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Residence Halls network security I'm curious what ports/services everyone is blocking/allowing in their residence areas. Port 135 is the obvious one to block but after that? Best, Todd A. Plesco CISM, CBCP Chapman University, Director of Information Security One University Drive, Orange, CA 92866 Phone: (714) 744-7979/Fax: (714) 744-7041
Current thread:
- Residence Halls network security Plesco, Todd (Aug 27)
- <Possible follow-ups>
- Re: Residence Halls network security Stanclift, Michael (Aug 27)
- Re: Residence Halls network security Ian McDonald (Aug 27)
- Re: Residence Halls network security Michael Grinnell (Aug 27)
- Re: Residence Halls network security Entwistle, Bruce (Aug 27)
- Re: Residence Halls network security Jeff Kell (Aug 27)
- Re: Residence Halls network security Gary Flynn (Aug 27)