Firewall Wizards mailing list archives
Re: Firewall best practices
From: arvind doraiswamy <arvind.doraiswamy () gmail com>
Date: Mon, 22 Mar 2010 22:07:35 +0530
I'm not really sure anything of that sort will be available anywhere. Even if it is I'd advise you take it with a big pinch of salt. Reason being I think there's only 1 "best" list -- Thats based on the "what you need" principle. Meaning I could rattle off a list of say 10 ports which should not be exposed...but it'd all be utterly useless if your business demanded those remain open. So if there's legacy code in your setup which demands that UDP ports between 1024 and 65535 remain open... and they are not willing to phase it out -- the best thing you can then do is restrict IP addresses and put other compensatory controls in place. To sum up - The best list is: a) Grant access to exactly what you need in your environment. Wireshark is your friend. b) Deny all else Not exactly what you're looking for maybe...but its just an approach I think sort of fits IMHO. Cheers Arvind On Sat, Mar 20, 2010 at 10:24 PM, Jason Lewis <jlewis () packetnexus com> wrote:
I was configuring a new firewall and was setting up rules to block things like SMB and known trojan port and remote access client. It got me thinking that the process would be quicker if I had a list recommended ports/apps to block. Is anyone aware of such a list. Best practices for ports to block seems like something that would exists, but I haven't had any luck in my search. jas _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Firewall best practices Jason Lewis (Mar 20)
- Re: Firewall best practices Andre Lima (Mar 23)
- Re: Firewall best practices Potter, Albert (Al) (Mar 23)
- Re: Firewall best practices arvind doraiswamy (Mar 23)