4 Replies - 1408 Views - Last Post: 21 August 2012 - 09:57 AM

#1 macb6497

Protocols/ports you shouldn't allow remote in production environme

Posted 21 August 2012 - 08:05 AM

I wanted to create a quick topic to list ports you shouldn't forward or allow connections past the modem/remote connections.

Some ports I think you shouldn't allow to be accessed remotely in a production environment are 21 (ftp), 22 (ssh or sftp), 23 (telnet), 110 (pop), 995 (pops), 992 (telnets), 5000+ (remote admin, teamviewer, etc) and any other ports that allow administration, modification, or write-capable transfers.

Any other ports you all think should be blocked for remote access?

Also, if you had a production server, what ports would you allow?

I would drop all and then explicitly list ports based on when the connection is new or established.

Thanks,


#2 no2pencil

Posted 21 August 2012 - 09:39 AM

You should add IRC to that list, imo. I once had a client bring in a Linux rackmount server because their ISP was complaining of traffic. I found an IRC client running in /tmp/ (with a blank space named sub-dir) that was streaming tons of data over an IRC server in France.

#3 modi123_1

Posted 21 August 2012 - 09:47 AM

You are using a firewall, right?

#4 macb6497

Posted 21 August 2012 - 09:50 AM

modi123_1, on 21 August 2012 - 12:47 PM, said:

You are using a firewall, right?



Yeah, this topic was created just for thoughts on what ports shouldn't be open.

#5 modi123_1

Posted 21 August 2012 - 09:57 AM

Hmm.. I figure I would approach it as: firewall blocks all the ports, and I would whitelist what I need as I know about it.
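The approach from posts #1 and #5 (drop everything, then allow listed ports for new connections and accept established ones), as an added example that is not part of the original thread: a shell function that prints a default-drop ruleset in iptables-restore format. The function names and the choice to refuse the ports listed in post #1 are assumptions of this example; it covers IPv4 TCP only.

```sh
#!/bin/sh
# Added example: emit a default-drop ruleset in iptables-restore format.
# It only prints rules; review the output before loading it as root.

# Ports the thread's first post says not to expose remotely.
FLAGGED_PORTS="21 22 23 110 992 995"

# flagged PORT -> exit 0 if the port is on that list or is 5000 or higher.
flagged() {
    [ "$1" -ge 5000 ] && return 0
    for p in $FLAGGED_PORTS; do
        [ "$p" -eq "$1" ] && return 0
    done
    return 1
}

# valid_port PORT -> exit 0 for a plain integer in 1..65535.
valid_port() {
    case "$1" in
        ''|0*|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# gen_rules PORT... -> ruleset on stdout. Fails before printing anything if a
# port is malformed or flagged, so a typo cannot silently open a service.
gen_rules() {
    for port in "$@"; do
        valid_port "$port" || { echo "invalid port: $port" >&2; return 2; }
        flagged "$port" && { echo "refusing flagged port: $port" >&2; return 3; }
    done
    echo "*filter"
    echo ":INPUT DROP [0:0]"      # default policy: drop all inbound
    echo ":FORWARD DROP [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"   # outbound is not restricted here
    echo "-A INPUT -i lo -j ACCEPT"
    echo "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    for port in "$@"; do
        echo "-A INPUT -p tcp --dport $port -m conntrack --ctstate NEW -j ACCEPT"
    done
    echo "COMMIT"
}

# Constructed sample: a web server exposing only HTTP and HTTPS.
gen_rules 80 443
```

The ruleset filters inbound connections only; outbound traffic such as the IRC client described in post #2 is left to the OUTPUT policy, which is ACCEPT here.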