OT: Should these ports be open, on dsl router? |
|
Porsche, and the Porsche crest are registered trademarks of Dr. Ing. h.c. F. Porsche AG.
This site is not affiliated with Porsche in any way. Its only purpose is to provide an online forum for car enthusiasts. All other trademarks are property of their respective owners. |
|
OT: Should these ports be open, on dsl router? |
swood |
May 19 2004, 02:55 PM
Post
#1
|
Senior Member Group: Members Posts: 1,839 Joined: 6-February 03 From: Strong Beach Member No.: 251 Region Association: None |
21 FTP - we access, but don't support our own ftp server
23 Telnet - we do not use telnet I swear we're getting infiltrated. Gotta button the ship up. |
airsix |
May 19 2004, 10:38 PM
Post
#2
|
I have bees in my epiglotis Group: Members Posts: 2,196 Joined: 7-February 03 From: Kennewick Man (E. WA State) Member No.: 266 |
QUOTE(bperry @ May 19 2004, 04:20 PM) Many small home routers such as Linksys do not allow you seperately filter inbound/outbound ports so you have to be careful and sometimes creative with what you filter because their filtering capabilities are so limited. Also, there is alot more than just HTTP, POP, & SMTP that you are going to want to allow to have a working/functioning system and a good WEB browsing experience. (HTTPS, & DHCP immediately come to mind) There are other things like instant messaging stuff, RealVideo/Audio etc.... The main thing is to block the nasty areas that are easily exploited on Microsoft machines. The big one is multicast/broadcast protocols such as NetBT which is microsloth's NETBUI stuff slammed out in broadcast UDP packets. Umm... all that stuff is already blocked. You don't need to create filters for it. In fact you can't manually block it. It's already blocked. All you can do is OPEN it. All the little residential/SOHO routers like the models from Linksys and D-link have all this stuff setup correctly right out of the box. You don't have to set up packet filters for any of this stuff be cause all inbound requests are ignored by default with the exception of ICMP reuqests which can be turned off if you wish with a single check-box click. Then 100% of all inbound traffic is dropped and all outbound traffic is masqueraded. In other words everybody can get out and nothing can get in. Do a port scan on the public side of a Linksys router right out of the box and all you'll get is ICMP response. Turn ICMP off and it's invisible - won't respond to or forward ANYTHING (from outside to inside). You're done. Exhale. -Ben M. |
Lo-Fi Version | Time is now: 6th June 2024 - 07:30 AM |
All rights reserved 914World.com © since 2002 |
914World.com is the fastest growing online 914 community! We have it all, classifieds, events, forums, vendors, parts, autocross, racing, technical articles, events calendar, newsletter, restoration, gallery, archives, history and more for your Porsche 914 ... |