Clint, Rather than trying to block a large number of ports I would recommend blocking everything and opening only what is necessary for your site to use. It's much easier to define the small number of ports you'll need to have open and IMHO it's much better practice to deny everything that is not explicitly permitted rather than trying to define what might be "dangerous" and block all of those ports. Just to give you an example, http://www.sans.org/newlook/resources/IDFAQ/oddports.htm is a list of some, but not all, ports used by trojans.
A list of well known ports is http://www.iana.org/assignments/port-numbers which is a handy reference and a good place to start. Vicky ----- Original Message ----- From: "Clint Goodwin" <[EMAIL PROTECTED]> To: "security-basics" <[EMAIL PROTECTED]> Sent: Sunday, March 17, 2002 5:46 AM Subject: Help With firewall ports > Hi all, > > I was wondering what would be a good list of ports to block at my > firewall. > I have some of the most common ones covered , however I Don't have > > a lot of experience with firewalls yet. > Can someone point me to a good resource or even provide me with a > list to help me get started. > > Thanks in advance > > Clint Goodwin
