[Dshield] Closing ports

Alan Frayer afrayer at frayernet.com
Mon Sep 15 18:46:27 GMT 2003


On Wed, 2003-09-10 at 18:38, Jon R. Kibler wrote:

> The firewalls I am familiar with allow you to control access based upon:
> 	Incoming Packets
> 	Outgoing Packets
> 	Forwarded Packets
> 
> And within each of these categories, you can control access based upon protocol. Within each protocol, you have protocol-specific degrees of control. For example, with TCP, you call permit or deny access based upon whether it is an established session. Such capabilities generally eliminates the worry about ports > 1024.

I forgot to ask another stupid question, now that I found how to make my
upper TCP ports open dynamically: what about the UDP ports over 1023?
They cannot be controlled dynamically like the TCP ports. Is it safe to
leave those open? If not, what needs to be open, or what needs to be
closed?

________________________________________________________________________
Alan Frayer,CNE,CNI,CIW CI,MCP,Net+ - afrayer at frayernet.com
Seeking an IT Mgmt/Network Admin position in the Tampa Bay Region
If you would like to discuss an opportunity with me, please e-mail.





More information about the list mailing list