What ports to block


Nikumba
14th March 2005, 10:44
Trying to write a firewall rule, just trying to work out what ports need to be open?

I know I need 80, 21 and mail server ports.

What others do I need to open?

Cheers

Nikumba

Preed
14th March 2005, 11:04
EVERYTHING! In fact, just unplug your connection and you'll be as safe as possible.

Nikumba
14th March 2005, 11:10
Originally posted by Preed
EVERYTHING! In fact, just unplug your connection and you'll be as safe as possible.

And that helps how?

Afty
14th March 2005, 11:10
Ermm... the ports you need open are the ports for the services you want available.

Which services do you want available?

Nikumba
14th March 2005, 11:27
Well, as little as possible.

I know I need ports 80, 21 for web and FTP; for SSL sites do you need another port open?

Out of the servers it's really only the mail server, and I know what ports that needs.

Nikumba

Afty
14th March 2005, 11:39
To provide a comprehensive list of ports, we'd need a comprehensive list of the services you're going to run...

Assuming it's what you typed and nothing more:

Web : 80
SSL : 443
FTP : 21
SMTP (mail) : 25
POP3 (mail) : 110
IMAP? (mail) : 143

Are you going to need to administrate the server at all? If so you will need some remote admin program (if it's a Windows box, RDP is superb) and appropriate ports open.

Remember that many of these can be configured to run on non-default ports, and in some instances (FTP, private SSL apps, private web apps etc.) it is a good idea to do so.

Nexus
14th March 2005, 11:53
Also by web, do you mean browsing web pages, or hosting a web server?

You don't need to open port 80 inbound to browse web pages, only if you are hosting a web service.

What sort of firewall, is it inbound, outbound or both?

What exactly is behind your firewall - as Afty says, it all depends what services you want people on the internet to be able to access from your machine behind the firewall.

MONK
14th March 2005, 17:04
What type of firewall is it? Are you filtering based on port numbers only, or will you be filtering by flags etc. as well?

Nikumba
14th March 2005, 17:58
It's the firewall on our Cisco 2621XM router.

Nikumba
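Added example, not posted by anyone in the thread: one way the port list, the inbound/outbound question and the flags question above could map onto an inbound extended ACL on a Cisco IOS router. The ACL name, the interface and the 192.0.2.x server addresses are placeholders assumed for illustration.

```cisco
! Assumed placeholders: 192.0.2.10 = web/FTP server, 192.0.2.20 = mail server,
! FastEthernet0/0 = Internet-facing interface, ACL name chosen for this example.
ip access-list extended INTERNET-IN
 remark --- hosted web server: HTTP, HTTPS (SSL), FTP control ---
 permit tcp any host 192.0.2.10 eq 80
 permit tcp any host 192.0.2.10 eq 443
 permit tcp any host 192.0.2.10 eq 21
 remark --- hosted mail server: SMTP, POP3, IMAP ---
 permit tcp any host 192.0.2.20 eq 25
 permit tcp any host 192.0.2.20 eq 110
 permit tcp any host 192.0.2.20 eq 143
 remark --- replies to TCP sessions opened from inside (browsing etc.) ---
 remark --- "established" matches on TCP flags (ACK or RST set) ---
 permit tcp any any established
 remark --- everything else is dropped and logged ---
 deny ip any any log
!
interface FastEthernet0/0
 ip access-group INTERNET-IN in
!
! Not covered by this sketch:
!  - FTP data connections (only the port 21 control channel is permitted)
!  - UDP replies to inside hosts, e.g. DNS answers ("established" is TCP only)
!  - remote administration or VPN access, which need their own entries
```

Browsing from inside needs no inbound port 80 entry; the `established` line lets the return traffic through, so only hosted services get explicit permits.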

Gifted
15th March 2005, 07:43
What about VPN?

Doesn't anyone remotely sign into your network?...

I have everything blocked here, apart from VPN, Intranet (which also routes everything over from internet to save me from having the most common ports open)...

Oh... and bit-torrents! lol (but that's just a gift for me!)