Ports-tcp/ip filter-how do you know which ports to block tcp/udp/ip

Status
Not open for further replies.

trasshcan

Technical User
May 21, 2002
11
GB
I've got 50 clients on NT SBS server with ADSL and a firewall.

How do I know which ports to keep open so that the client can operate with the minimum number of ports open?

Also the same for the server.
 
It depends on what you're trying to let through.

PCAnywhere - 5631 TCP, 5632 UDP, 22 UDP

If you're just browsing the web, you won't have to open up any ports unless your firewall needs an access list. I.E. Cisco.

You have to know what programs you are running and if they actually need to go through the firewall.

-= Beer is food! Is it suppertime? =-
If ya like the info on the posts - rate them helpful!
 
In TCP/IP and UDP networks, a port is an endpoint to a logical connection and the way a client program specifies a specific server program on a computer in a network. Some ports have numbers that are preassigned to them by the IANA, and these are known as well-known ports (specified in RFC 1700). Port numbers range from 0 to 65536, but only port numbers 0 to 1024 are reserved for privileged services and designated as well-known ports. This list of well-known port numbers specifies the port used by the server process as its contact port.
Port Number Description
1 TCP Port Service Multiplexer (TCPMUX)
5 Remote Job Entry (RJE)
7 ECHO
18 Message Send Protocol (MSP)
20 FTP -- Data
21 FTP -- Control
22 SSH Remote Login Protocol
23 Telnet
25 Simple Mail Transfer Protocol (SMTP)
29 MSG ICP
37 Time
42 Host Name Server (Nameserv)
43 WhoIs
49 Login Host Protocol (Login)
53 Domain Name System (DNS)
69 Trivial File Transfer Protocol (TFTP)
70 Gopher Services
79 Finger
80 HTTP
103 X.400 Standard
108 SNA Gateway Access Server
109 POP2
110 POP3
115 Simple File Transfer Protocol (SFTP)
118 SQL Services
119 Newsgroup (NNTP)
137 NetBIOS Name Service
139 NetBIOS Datagram Service
143 Interim Mail Access Protocol (IMAP)
150 NetBIOS Session Service
156 SQL Server
161 SNMP
179 Border Gateway Protocol (BGP)
190 Gateway Access Control Protocol (GACP)
194 Internet Relay Chat (IRC)
197 Directory Location Service (DLS)
389 Lightweight Directory Access Protocol (LDAP)
396 Novell Netware over IP
443 HTTPS
444 Simple Network Paging Protocol (SNPP)
445 Microsoft-DS
458 Apple QuickTime
546 DHCP Client
547 DHCP Server
563 SNEWS
569 MSN
1080 Socks



Even an RRAS box using NAT is wide open to attack unless packets are specifically being filtered in order to stop all processing of traffic on affected ports, not just routing. The port numbers relevant to Blaster are as follows:

TCP: 135, 139, 445, 593, 4444
UDP: 69, 135, 137, 138

Right now, you occupy a point where three lines reach across the expanse of time and space and intersect only there, and that you and only you possess.
 
Thanks you two - is there any nice free or cheap s/w that will give me a layman's user-friendly summary of which ports are open?

 
Hi all,

Thanks for the port listing. Now can anyone tell me how do I close the ports (without a firewall) on the NT4 server? A step-by-step is greatly appreciated.

Thanks again.
 
There is an option for IP filtering in the network setting in NT 4.0. Try a few things, you'll learn more that way.
 
I'm not aware of any IP filtering you can do on NT without a firewall add-on. Where in Network is that?

You're not thinking of IP forwarding, are you? That's routing, not filtering.




 
Trasshcan, you can go to Steve Gibson's site, grc.com, and go to ShieldsUp. His site can do a remote check to see what ports you have open to the internet. I thought I was pretty good, but when I checked from his site I discovered I had my port 139 open. Ouch!

HTH,

Joe Brouillette
 
rdroske,
You are right, there is no option in the Network settings for IP filtering. But during my test installations of NT, there was an option to filter ports. There was something like filtering UDP ports and the like. I can't remember it that well, but I will look into it and post it here when I do find it.
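
For the "which ports are open" question raised in the thread, here is an added example (not posted by any participant): a Python script that reads `netstat -an` output taken on the server and marks each listening port that appears in the Blaster port list quoted earlier. The sample output, function names and note wording are constructed for illustration.

```python
# Port numbers copied from the thread's Blaster list.
BLASTER_PORTS = {"TCP": {135, 139, 445, 593, 4444}, "UDP": {69, 135, 137, 138}}

# Constructed sample in the Windows `netstat -an` layout (not captured output).
SAMPLE = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.10:1045      10.0.0.5:80            ESTABLISHED
  TCP    127.0.0.1:1025         0.0.0.0:0              LISTENING
  UDP    0.0.0.0:135            *:*
  UDP    192.168.1.10:137       *:*
  UDP    0.0.0.0:500            *:*
"""

def listening_ports(netstat_text):
    """Return sorted (proto, port, address) tuples for sockets accepting traffic."""
    found = set()
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in BLASTER_PORTS:
            continue  # header row, blank line, or a protocol we do not track
        proto, local = fields[0], fields[1]
        # TCP rows count only in LISTENING state; UDP rows have no state column.
        if proto == "TCP" and fields[-1] != "LISTENING":
            continue
        address, _, port = local.rpartition(":")  # also handles [::]:135
        if port.isdigit():
            found.add((proto, int(port), address))
    return sorted(found)

def summarize(netstat_text):
    """Return (proto, port, address, note) rows, one per listening socket."""
    rows = []
    for proto, port, address in listening_ports(netstat_text):
        if address.startswith("127.") or address == "[::1]":
            note = "loopback only"
        elif port in BLASTER_PORTS[proto]:
            note = "FILTER: on the thread's Blaster list"
        else:
            note = "review: is this service needed?"
        rows.append((proto, port, address, note))
    return rows

if __name__ == "__main__":
    for proto, port, address, note in summarize(SAMPLE):
        print(f"{proto:<4}{port:>6}  {address:<15} {note}")
```

This reports what the host itself is listening on; what is reachable from the internet still depends on the firewall in front of it, which is what an external check measures.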
 