Ports to Block, con't

Phil.Rodrigues at uconn.edu
Tue Jun 4 22:36:44 GMT 2002


Hi all,

First - many thanks to the 24 institutions who responded to my "do you 
block Windows Networking" inquiry.  21 said they did, 2 said they didn't 
but wanted to based on policy or technical changes, and 1 unapologetically 
did not block it nor did they plan to.  If anyone else cares to share with 
me if your school blocks 137-9/445 from the Internet feel free to send me 
a private email.

I am in the final stages of considering such a block for UConn, and a 
colleague asked "well, is there anything else we should block as well?"  I 
have seen the SANS and CERT guidelines for what ports they consider 
harmful, and have a decent idea of what ports we get compromised the most 
on.  Does anyone care to share what ports they block at their institution? 
 We are trying to find an ideal compromise between ports with very few 
legitimate purposes and very large vulnerabilities - the fewer the better 
IMHO.

Thanks in advance.  If I see some sort of consensus from the replies I 
will update the list.

Phil

=======================================
Philip A. Rodrigues
Network Analyst, UITS
University of Connecticut

email: phil.rodrigues at uconn.edu
phone: 860.486.3743
fax: 860.486.6580
web: http://www.security.uconn.edu
=======================================


