[Dshield] Closing Ports or Why?

Al Reust areust at comcast.net
Wed Oct 22 00:57:32 GMT 2003


Closing Ports or Why?

I have been asked why do I lock things down so tight, do you ever have 
problems when you do that?

Over the years I have had several Interns and others that had a natural 
curiosity. Some that were forced and paid to learn from me go figure.. So 
figuring the best way to describe why and make it understandable was 
important. Esp.. when I would be repeating it many times.

The Best analogy that I could come with is that Ports are like your 
Bathroom Window (when connected to the Internet). If You go to take a 
shower with the Window open, the breeze comes and goes and makes it 
comfortable in the summer time. The problems lies in that the window is 
OPEN, so someone like me peeking knows all You Secrets.

"Your" Comfort and Convenience are, Your Undoing.

No Microsoft did not tell you that ports 135, 137-139 and 445 were the 
devil outside Your Bathroom Window.. Nor do they make it simple for anyone 
to close the Window.

So No! This does not mention the host of ports or a list of everyone 
favorite ports to close or why. It was a simple example to make it easier 
to explain. Yes I have explained to an MBA that wondered why his 
spreadsheet was broken and then was asked that other stupid question why do 
you spend so much time locking things down. He got the point! Not to 
mentioned I fixed the stupid mistake in his spreadsheet.

The First Premise is that You Build Security from the Ground Up. It is 
easier to unlock the New Barn Door, than to figure out which unlocked door 
all the animals were stolen from.

Yes the answer to the second question is that building that type of 
security is sometimes tough and time consuming. In the long run it saves 
you time! See, figuring out which open barn door the animals were stolen from.


R/

Al




More information about the list mailing list