[rescue] firewalling windoze crap
Carl R. Friend
crfriend at rcn.com
Sat Aug 16 20:22:46 CDT 2003
On Sat, 16 Aug 2003, Jonathan C. Patschke wrote:
> On Sat, 16 Aug 2003, Dave McGuire wrote:
>
> > What ports do I need to block on my firewall to protect him from this
> > latest bullshit? And what ports in general should I block to help
> > protect his machine?
>
> UDP and TCP ports 135 - 139 (RPC, DCOM, NetBIOS).
> UDP and TCP port 445 (SMB)
> UDP and TCP port 522 (User-location protocol)
> UDP port 3389 (Remote Desktop)
> TCP ports 5800 - 5999 (WinVNC)

The best bet when one is talking firewalls is to block *everything*
and then only allow what you want in *explicitly*. That solves the
problem of forgetting to *block* something unexpected (and there's
always something unexpected).

Obviously you need to let stuff in that your local system asked for,
but that's where statefulness comes into play.

Cheers.

+------------------------------------------------+---------------------+
| Carl Richard Friend (UNIX Sysadmin) | West Boylston |
| Minicomputer Collector / Enthusiast | Massachusetts, USA |
| mailto:crfriend at rcn.com +---------------------+
| http://users.rcn.com/crfriend/museum | ICBM: 42:22N 71:47W |
+------------------------------------------------+---------------------+
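
Added example, not part of the original message: a toy Python packet filter that runs the same traffic through the quoted port blocklist and through the block-everything-plus-state policy described in the reply. The `Firewall` class, the addresses and port 31000 are constructed for illustration and model no particular firewall product.

```python
# Added example: toy stateful filter, not any real firewall's rule syntax.
from collections import namedtuple

Packet = namedtuple("Packet", "direction proto src sport dst dport")

# Blocklist taken from the quoted reply: (protocol, low port, high port).
BLOCKLIST = [(p, lo, hi) for p in ("tcp", "udp")
             for lo, hi in ((135, 139), (445, 445), (522, 522))]
BLOCKLIST += [("udp", 3389, 3389), ("tcp", 5800, 5999)]


class Firewall:
    def __init__(self, default_deny, blocked=(), allowed_in=()):
        self.default_deny = default_deny
        self.blocked = list(blocked)        # consulted in default-allow mode
        self.allowed_in = set(allowed_in)   # explicit (proto, port) inbound allows
        self.state = set()                  # flows opened from the inside

    def accept(self, pkt):
        if pkt.direction == "out":
            # Remember the flow so that its replies can be matched later.
            self.state.add((pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        # Inbound: a reply has the endpoints of a remembered flow, reversed.
        if (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.state:
            return True
        if self.default_deny:
            return (pkt.proto, pkt.dport) in self.allowed_in
        return not any(pkt.proto == p and lo <= pkt.dport <= hi
                       for p, lo, hi in self.blocked)


def run(fw, packets):
    return [fw.accept(p) for p in packets]


# Constructed traffic (documentation addresses, made-up ports).
INSIDE, OUTSIDE = "192.0.2.10", "198.51.100.7"
TRAFFIC = [
    Packet("in", "tcp", OUTSIDE, 40000, INSIDE, 135),    # on the blocklist
    Packet("in", "tcp", OUTSIDE, 40001, INSIDE, 31000),  # service nobody listed
    Packet("out", "tcp", INSIDE, 50000, OUTSIDE, 80),    # inside host browses
    Packet("in", "tcp", OUTSIDE, 80, INSIDE, 50000),     # reply to that request
    Packet("in", "tcp", OUTSIDE, 80, INSIDE, 50001),     # unsolicited, same port
]

if __name__ == "__main__":
    print("blocklist   :", run(Firewall(False, blocked=BLOCKLIST), TRAFFIC))
    print("default-deny:", run(Firewall(True), TRAFFIC))
```

The blocklist firewall lets through both the unlisted port and the unsolicited packet from source port 80, while the default-deny firewall admits only the reply that matches a flow opened from the inside.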