|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
[PLUG] Re: Blocked outgoing ports
|
On Fri, 10 Dec 2004, Doug Crompton wrote:
> On Fri, 10 Dec 2004, sean finney wrote:
>
> > on the other hand, it can be kind of a headache if it's your personal
> > workstation... in which case you probably want something a little more
> > relaxed, though the same concepts can be applied.
> >
> > sean
> >
>
> I guess I did not mention... this is a home network where I am not
> concerned about users inside doing anything wrong. I guess what I would
> have to do is block everything and then find out what does not work! Other
> then normal browsing I use internet radio and occasionally things like
> yahoo.
You still want to block everything. Just because you trust the users does not
mean that someday one of your machines will get infected with something that
tries to use odd ports. If these odd ports are blocked then the outbreak is
contained on your network. On my net for instance only mail servers have port
25 open to the outside. All of the other machines MUST relay mail out through
the mail servers.
> I just thought maybe someone had established a list of common (out) ports
> that were typically used in a situation like this.
I doubt this type of list exists, as it varies not only by network but even
by the function of the individual machine.
Regards,
Tom
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|