What SERVICES TO BLOCK ON A FIREWALL

tech · 05-09-2005 9:24pm #1

Ok

Id like to know what are the common ports ye Network Admins block by default

Limewire TCP 6346
E-Donkey TCP 4662
E- Donkey UDP 9367
Real Audio TCP 7070
QuickTime ICMP 554
WINMX TCP 6699 & 6257

id like to see yer lists of services to block to stop users abusuing the connection to the net

Thanks Guys

Kali · 06-09-2005 10:32am

Denying specific ports is bad. Deny all then permit specified ports.

In here everything is denied bar:
80 (with specific rules blocking httptunnel IPs), 25 (to specific MTAs only), 110 (again to specific servers), 22 (ssh), 123 (ntp), 53 (dns) and outbound icmp traffic.

Hecate · 06-09-2005 3:41pm

Usually you have a default drop rule at the beginning or end of your ruleset, where you put it depends on how the firewall in question evaluates its rules of course. Out of the box, a lot of popular firewalls are configured to drop all traffic anyway.

You then start allowing what you want, and only what you want, in and out.

loyatemu · 09-09-2005 2:28pm

Kali wrote:

Denying specific ports is bad. Deny all then permit specified ports.

In here everything is denied bar:
80 (with specific rules blocking httptunnel IPs), 25 (to specific MTAs only), 110 (again to specific servers), 22 (ssh), 123 (ntp), 53 (dns) and outbound icmp traffic.

might want to allow 443 for https as well.

What SERVICES TO BLOCK ON A FIREWALL

Comments