Educause Security Discussion mailing list archives
Re: host based firewall for windows 2003 server?
From: Graham Toal <gtoal () UTPA EDU>
Date: Thu, 22 Jun 2006 08:25:27 -0500
What outgoing/incoming ports do other institutions block and why?
INCOMING: Block all incoming by default. Open some ports (eg web, smtp) to the specific servers that need those ports Open a few 'safe' ports to all, such as ssh and remote desktop. Block unencrypted mail fetching, force use of IMAPS etc. (firewall less important here than how the server is configured) Watch carefully and open up other incoming on a case by case basis. OUTGOING: Leave all open by default. Block specific ports you know will not be used, especially if they are a vector for virus transmission (eg all microsoft ports - 137 etc, and sql) Block outgoing email (25) except from your smart mailer Block unencrypted outgoing ftp if you worry about data leaks Block outgoing pop3, imap etc if you are a business and are fully controlling use of email (though on educause that's not very likely) Watch carefully and block other outgoing on a case by case basis.
Current thread:
- Re: host based firewall for windows 2003 server?, (continued)
- Re: host based firewall for windows 2003 server? Pace, Guy (Jun 15)
- Re: host based firewall for windows 2003 server? Vuong Phung (Jun 15)
- Re: host based firewall for windows 2003 server? Petreski, Samuel (Jun 15)
- Re: host based firewall for windows 2003 server? Bob Kehr (Jun 15)
- Re: host based firewall for windows 2003 server? Graham Toal (Jun 15)
- Re: host based firewall for windows 2003 server? Petreski, Samuel (Jun 15)
- Re: host based firewall for windows 2003 server? Graham Toal (Jun 15)
- Re: host based firewall for windows 2003 server? Petreski, Samuel (Jun 15)
- Re: host based firewall for windows 2003 server? Graham Toal (Jun 15)
- Re: host based firewall for windows 2003 server? Flagg, Martin D. (Jun 22)
- Re: host based firewall for windows 2003 server? Graham Toal (Jun 22)
- Re: host based firewall for windows 2003 server? David Gillett (Jun 22)
- Re: host based firewall for windows 2003 server? Graham Toal (Jun 22)
- Re: host based firewall for windows 2003 server? Karen Duncanson (Jun 22)