North American Network Operators Group


Re: commonly blocked ISP ports

  • From: brett watson
  • Date: Wed Sep 14 17:23:25 2005


On Wednesday 14 September 2005 15:41, Luke Parrish wrote:

> Not quite looking for tips to manage my network and ACLs or if I should or
> should not be blocking, more looking for actual ports that other ISPs are
> blocking and why.

seems to me this is the wrong question... a default security "posture" (network or system, isp or enterprise or any type of entity) should be: "if it's not explicitly allowed, it's denied."

don't look for specific ports to block. lock down everything, both *egress* (arguably as important as ingress, and typically completely ignored) and ingress, and start opening only specific ports that are absolutely necessary. yes, it's a lot more work to do this but it's a lot safer.

many worm/trojan infections happen because egress is completely open, and "permit tcp any any established" is the first line in the ingress acl.

-b
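As an added illustration (not part of the post or of any NANOG member's configuration), here are the two postures in Cisco IOS extended ACL syntax: the open pattern the reply describes, and a default-deny ingress/egress pair for a hypothetical customer prefix. The prefix 192.0.2.0/24 (a documentation range), the host addresses, the interface name and the set of permitted services are all assumptions chosen for the example.

```cisco
! Posture the reply warns about: no egress ACL at all, and an ingress ACL
! that starts by admitting any TCP segment claiming to belong to a session.
ip access-list extended INGRESS-OPEN
 permit tcp any any established
 permit ip any any

! Default-deny posture: only explicitly permitted traffic passes in either
! direction; everything else is dropped and logged so it can be reviewed.
! 192.0.2.0/24 is a constructed example prefix (RFC 5737 documentation range).
ip access-list extended INGRESS-DEFAULT-DENY
 remark Inbound only to the services we publish
 permit tcp any host 192.0.2.10 eq 80
 permit tcp any host 192.0.2.10 eq 443
 permit tcp any host 192.0.2.20 eq 25
 remark Replies to queries sent by our own resolver
 permit udp any eq 53 host 192.0.2.53
 remark Return traffic for sessions opened from inside, scoped to our prefix
 permit tcp any 192.0.2.0 0.0.0.255 established
 remark Keep path-MTU discovery and ping replies working
 permit icmp any 192.0.2.0 0.0.0.255 packet-too-big
 permit icmp any 192.0.2.0 0.0.0.255 echo-reply
 deny ip any any log

ip access-list extended EGRESS-DEFAULT-DENY
 remark Only our own source addresses may leave; anything else is spoofed
 remark Outbound web from inside hosts
 permit tcp 192.0.2.0 0.0.0.255 any eq 80
 permit tcp 192.0.2.0 0.0.0.255 any eq 443
 remark DNS leaves only via the internal resolver
 permit udp host 192.0.2.53 any eq 53
 remark Mail leaves only via the relay, so an infected host cannot spam directly
 permit tcp host 192.0.2.20 any eq 25
 remark Return traffic for inbound sessions to the published services
 permit tcp 192.0.2.0 0.0.0.255 any established
 deny ip any any log

interface GigabitEthernet0/0
 description Upstream link (assumed interface name)
 ip access-group INGRESS-DEFAULT-DENY in
 ip access-group EGRESS-DEFAULT-DENY out
```

The final "deny ip any any log" in each list is the part that makes the posture auditable: a worm that tries to spread on a port that was never opened shows up in the log counters on the egress list instead of leaving silently.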