[NBLUG/talk] Outbound port filtering
E Frank Ball
frankb at frankb.us
Sat Jul 8 19:54:34 PDT 2006
On Sat, Jul 08, 2006 at 11:21:50AM -0700, William Tracy wrote:
}
} However, I'm still dinking around with the firewall settings on my
} Linksys. Inbound requests are all filtered out by default, which looks
} good for now. However, no outbound requests are filtered at all by
} default. I've been dinking around trying to figure out what ports to
} block.
}
} I finally hit a wall though--as far as I can tell, the firmware will
} only let me block up to five sets of ports. That's not quite enough if
} I want to take the approach I had in mind of essentially blocking
} everything that I don't know that I need.
}
} So, any thoughts on what ports really need to be blocked for a home
} network or network security must-reads? Actually, I'm not entirely
} sure what kind of attacks I would even be blocking this way, unless it
} would be some trojans trying to "phone home".
I don't bother blocking anything outbound, but you may want
to block Microsoft NetBIOS (File and Printer Sharing)
services. This would somebody somebody on your network with
a promiscuous windows machines from sharing all over the world:
135, 139, 445 tcp & udp
593 tcp
Trying to guess what ports trojans would use to phone home
is a lost cause.
--
E Frank Ball frankb at frankb.us
More information about the talk
mailing list