Educause Security Discussion mailing list archives
Re: Internet ingress port-blocking
From: Joseph Tam <tam () MATH UBC CA>
Date: Fri, 18 Aug 2017 17:36:33 -0700
Outbound is a different story. At this point, we only block two services outbound, port 25 for smtp and udp/tcp port 53 for DNS. We want to ensure our users are going through our protected servers for these services.
And, to be obvious, give the rest of the internet a break and block any outgoing source addresses not in your network (i.e. spoofed addresses). Joseph Tam <tam () math ubc ca>
Current thread:
- Internet ingress port-blocking Brian Helman (Aug 17)
- Re: Internet ingress port-blocking Garrett Hildebrand (Aug 17)
- Re: Internet ingress port-blocking Velislav K Pavlov (Aug 17)
- Re: Internet ingress port-blocking Brian Helman (Aug 17)
- Re: Internet ingress port-blocking Andy Hooper (Aug 18)
- Re: Internet ingress port-blocking Velislav K Pavlov (Aug 17)
- Re: Internet ingress port-blocking Brian Helman (Aug 17)
- Message not available
- Re: Internet ingress port-blocking John Kristoff (Aug 17)
- Re: Internet ingress port-blocking Garrett Hildebrand (Aug 17)
- <Possible follow-ups>
- Re: Internet ingress port-blocking Joseph Tam (Aug 18)