[NBLUG/talk] Outbound port filtering

E Frank Ball frankb at frankb.us
Sat Jul 8 19:54:34 PDT 2006


On Sat, Jul 08, 2006 at 11:21:50AM -0700, William Tracy wrote:
} 
} However, I'm still dinking around with the firewall settings on my
} Linksys. Inbound requests are all filtered out by default, which looks
} good for now. However, no outbound requests are filtered at all by
} default. I've been dinking around trying to figure out what ports to
} block.
} 
} I finally hit a wall though--as far as I can tell, the firmware will
} only let me block up to five sets of ports. That's not quite enough if
} I want to take the approach I had in mind of essentially blocking
} everything that I don't know that I need.
} 
} So, any thoughts on what ports really need to be blocked for a home
} network or network security must-reads? Actually, I'm not entirely
} sure what kind of attacks I would even be blocking this way, unless it
} would be some trojans trying to "phone home".


I don't bother blocking anything outbound, but you may want
to block Microsoft NetBIOS (File and Printer Sharing)
services.  This would stop somebody on your network with
a promiscuous Windows machine from sharing all over the world:

135, 139, 445 tcp & udp
593 tcp

Trying to guess what ports trojans would use to phone home
is a lost cause.

-- 

   E Frank Ball                frankb at frankb.us


