RE: [PLUG] Blocked outgoing ports

ChrisB. on 10 Dec 2004 19:38:02 -0000

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

RE: [PLUG] Blocked outgoing ports

From: "ChrisB." <chris@chrisbovasso.com>

To: <plug@lists.phillylinux.org>

Subject: RE: [PLUG] Blocked outgoing ports

Date: Fri, 10 Dec 2004 14:36:23 -0500

Reply-to: plug@lists.phillylinux.org

Sender: plug-admin@lists.phillylinux.org

I think your best bet is to block everything outgoing and work from there. As far as I am concerned it is better to have everything blocked and only open ports you need rather then open everything and block ports that are known to be malicious. I think one of the smartest moves I made for my home network was to segment it in such a way so that I can have various rule bases for each segment on the network. That is of course assuming you are working with a firewall that has more than one NIC and that you will be hosting more then just desktop internet access. A good starting off point would be iana's list of ports: http://www.iana.org/assignments/port-numbers Good luck! -----Original Message----- From: plug-admin@lists.phillylinux.org [mailto:plug-admin@lists.phillylinux.org] On Behalf Of Doug Crompton Sent: Friday, December 10, 2004 1:29 PM To: Phila Linux Users Group Subject: Re: [PLUG] Blocked outgoing ports On Fri, 10 Dec 2004, sean finney wrote: > on the other hand, it can be kind of a headache if it's your personal > workstation... in which case you probably want something a little more > relaxed, though the same concepts can be applied. > > sean > I guess I did not mention... this is a home network where I am not concerned about users inside doing anything wrong. I guess what I would have to do is block everything and then find out what does not work! Other then normal browsing I use internet radio and occasionally things like yahoo. I just thought maybe someone had established a list of common (out) ports that were typically used in a situation like this. Doug **************************** * Doug Crompton * * Richboro, PA 18954 * * 215-431-6307 * * * * doug@crompton.com * * wa3dsp@wa3dsp.ampr.org * * http://www.crompton.com * **************************** ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug

Prev by Date: RE: [PLUG] FS or Trade: 1RU Server (P3/700, 512MB RAM, 10GB HDD, crypto acceleration)

Next by Date: Re: [PLUG] [OT] Fiber in PA

Previous by thread: Re: [PLUG] Blocked outgoing ports

Next by thread: [PLUG] FS or Trade: 1RU Server (P3/700, 512MB RAM, 10GB HDD, crypto acceleration)

Index(es):

Date

Thread