-
"Dude, Where's my port?"
Hello,
I will be brief.
I have a very long list of PORTS.
I would like to close ALL unassigned PORTS.
Now,...from what I understand;
I will need to CREATE a RULE for every unassigned port number which will deny TCP/UDP from ANY SOURCE.
Is the above statement true?
If the above statement is true, that's a friggin' buttload of rules.
Humbly,
retfarcratS
-
First of all, what OS are you running? And other than that, are there any ports that you are trying to run?
You have to elaborate on the system you are using and the way it's set up for us to help you....
-
Win2K
IIS with FTP
Exchange with OWA
Real firewall
No IDS before firewall (don't know why, I think I don't care..anyway)
Humbly,
retfarcratS
-
Most decent firewalls operate on the "denied unless explicitly allowed" methodology. If your firewall does, then all you need to do is add your "allow" rules and you are good to go. A version of the firewall you are running would easily tell us if this is the case or not.
--TH13
-
Erm, can't IPSec do:
Allow Port 1
Allow Port 2
Deny All
?
-
horse,
Sonicwall PRO 200
I just keep seeing a bunch of activity on my bandwidth usage log from unassigned ports. Is my original statement above TRUE or FALSE then?
-
Most firewalls will have an explicit deny at the end of every rule. It is a default setting for firewalls.
I'm not sure for SonicWall, but for Cisco, there'll be a "deny any any" at the end of the rules line and it is not shown on the config page.
-
Firewalls seem to be quite random in just how that works... o.o
My firewalls I've tried have a different effect every time I re-install 'em, blocking different ports, blocking ports I've allowed and allowing ports I've blocked... I never trust 'em :confused:
-
retfarcratS,
If you're wanting to set a default rule in the SonicWall to block all ports except ones you specify, do the following...
From the admin screen of your firewall, go to Access then rules,
Click add new rule.
Select Action = Deny
Select Service = Default
Source = *
Destination = LAN
Hit update & you're done, then just add rules for the ports / services you wish to allow.
:)
HTH
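
An added example, not part of any post above and not SonicWall's or Cisco's own logic: a small rule evaluator showing that a few allow rules plus one catch-all deny cover every unassigned port, and that the catch-all shadows the allows if it is evaluated first. It assumes first-match ordering with an implicit final deny, as in Cisco ACLs (how the SonicWall PRO 200 orders its rules is not stated in the thread); the port numbers are constructed from the services named above (HTTP 80, HTTPS 443, FTP control 21, SMTP 25).

```python
from dataclasses import dataclass

ALL_PORTS = range(0, 65536)

@dataclass(frozen=True)
class Rule:
    action: str   # "allow" or "deny"
    proto: str    # "tcp", "udp" or "any"
    lo: int       # first destination port covered
    hi: int       # last destination port covered

    def matches(self, proto, port):
        return self.proto in ("any", proto) and self.lo <= port <= self.hi

def decide(rules, proto, port):
    """First-match evaluation; traffic matching no rule hits the implicit deny."""
    for rule in rules:
        if rule.matches(proto, port):
            return rule.action
    return "deny"

def open_ports(rules, proto):
    """Every destination port the rule set lets through for one protocol."""
    return [p for p in ALL_PORTS if decide(rules, proto, p) == "allow"]

def shadowed(rules):
    """Rules that can never fire because earlier rules match all their traffic."""
    dead = []
    for i, rule in enumerate(rules):
        protos = ("tcp", "udp") if rule.proto == "any" else (rule.proto,)
        reachable = any(
            not any(prev.matches(pr, p) for prev in rules[:i])
            for pr in protos for p in range(rule.lo, rule.hi + 1)
        )
        if not reachable:
            dead.append(rule)
    return dead

# Constructed rule set (assumed ports for web, FTP control and SMTP).
ALLOWS = [Rule("allow", "tcp", 80, 80), Rule("allow", "tcp", 443, 443),
          Rule("allow", "tcp", 21, 21), Rule("allow", "tcp", 25, 25)]
DENY_ALL = Rule("deny", "any", 0, 65535)

GOOD = ALLOWS + [DENY_ALL]   # allows first, one catch-all deny last
BAD = [DENY_ALL] + ALLOWS    # catch-all first: every allow is shadowed

if __name__ == "__main__":
    print("open tcp ports:", open_ports(GOOD, "tcp"))
    print("open udp ports:", open_ports(GOOD, "udp"))
    print("shadowed rules in BAD:", len(shadowed(BAD)))
```

Running `shadowed()` over an exported rule list is a quick audit for allow rules that sit behind a broader deny and therefore never take effect.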