RE: Protecting Multiple Public IP Workstations

["Bruyere, Michel" <mbruyere () ezemcanada com>]

I would suggest reversing the way you want to do that, black all and then
let pass what's needed. This way you won't "forget" an important port, or
let customize malware pass through.

NB.: as others suggested, unless really needed, change the IPs to a private
range.


M.Bruyere
Network/systems administrator
CompTIA A+, Network+



> -----Original Message-----
> From: Preston, Tony [mailto:Tony.Preston () acs-inc com]
> Sent: mardi 2 mars 2004 08:32
> To: security-basics () securityfocus com
> Subject: RE: Protecting Multiple Public IP Workstations
>
> I have a linksys router and have a question...  It has a minimal port 
> filtering capability.  I block a couple of ports (135-139, 445), and 
> wondered what would be a suggested list of ports to block traffic 
> based on known virus/trojans.

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.securityfocus.com/sponsor/InfoSecInstitute_security-basics_040303
----------------------------------------------------------------------------