« Previous Next »

• 08-06-2008, 9:11 AM

  MVCNoob Joined on 03-10-2008, 8:26 PM Posts 28

  Safe to block these ports? Reply Contact My Server: Windows Server 2008 used for ASP.NET websites SQL Server 2005 Express (no remote access required) FTP 7.0 SmarterMail installed (pop3 access) SSL certification. Terminal service So the ports I need so far is: http     80 ftp      20/21 email     110, 25 SSL     443 Terminal    3389 When I open up Windows Firewall, I order by 'enabled' Inbound rules. I have these enabled, are these safe for me to block? Ports: 8172 Web Manag. Service (http traffic-in) 135 Local WMI - 135T 161 SNMP Service (UDP in) 143 IMAP 143T 113 IDENT 445 File & Print Sharing (SMB-in) 139 File and print sharing (NB-session-in) 137 File and print sharing (nb-name-in) 138 file and print shareing (nb-datagram-in) 86 Epo Control 53 DNS - 53U 68 Core-netowkring dynamic host configuration (UDP) Thanks allot!

• 08-06-2008, 11:36 AM

  In reply to

  rlucero Joined on 09-29-2006, 3:35 PM Seattle, WA Posts 164	Re: Safe to block these ports? Reply Contact Some of those ports are pretty important (DNS especially).  Are you just trying to lock down your server ports or is it something else?

• 08-06-2008, 11:52 AM

  In reply to

  MVCNoob Joined on 03-10-2008, 8:26 PM Posts 28

  Re: Safe to block these ports? Reply Contact  Well I am trying to pass the PCI compliance test. The report says I have to fix the vulnerabilities in: TCP 135: Windows DCE Service Accessibility Ports associated with modern Windows networking features based on DCE remote procedure calls are accessible from the Internet. This generally reflects a lack of adequate firewalling or other network-level access control. Service: Local DCE Ports: tcp/49155 tcp/49154 tcp/49152 tcp/49153 tcp/49156   TCP 135/145: Windows Networking Services Accessibility Ports associated with modern Windows networking features are accessible from the Internet. This generally reflects a lack of adequate firewalling or other network-level access control. Service: (135) Local DCE Ports: tcp/49155 tcp/49154 tcp/49152 tcp/49153 tcp/49156 Service: (445) -

• 08-06-2008, 10:59 PM

  In reply to

  steve schofield Joined on 06-10-2002, 8:54 PM MI Posts 3,889	Re: Safe to block these ports? Reply Contact That is good.  Did they zing you having port 3389 open? Steve Schofield Windows Server MVP - IIS http://weblogs.asp.net/steveschofield http://www.IISLogs.com Log archival solution Install, Configure, Forget

• 08-07-2008, 7:20 AM

  In reply to

  MVCNoob Joined on 03-10-2008, 8:26 PM Posts 28	Re: Safe to block these ports? Reply Contact No they didn't, the only other thing I have to fix is the SSL port, as it allows an older version of ssl to work which I have to disable. So Steve, from the list I provided, which ones can I safely block in your opinion?

• 08-08-2008, 10:44 AM

  In reply to

  MVCNoob Joined on 03-10-2008, 8:26 PM Posts 28	Re: Safe to block these ports? Reply Contact so I can't block those ports?

• 08-09-2008, 11:12 AM

  In reply to

  steve schofield Joined on 06-10-2002, 8:54 PM MI Posts 3,889

  Re: Safe to block these ports? Reply Contact Blocking all ports except port 80, 443, 110, 25, 3389 looks like a reasonable list.  All I was stating when I went through a pci compilance scan 3389 had to be blocked in order to pass.  Or use certificates on RDP connections.  It had a be the latest version or the scans flagged it. Steve Schofield Windows Server MVP - IIS http://weblogs.asp.net/steveschofield http://www.IISLogs.com Log archival solution Install, Configure, Forget

• 08-18-2008, 4:03 PM

  In reply to

  MVCNoob Joined on 03-10-2008, 8:26 PM Posts 28	Re: Safe to block these ports? Reply Contact  Ok I blocked port TCP 135. There are some other rules that allow access to port 135, will those be overriden by my block?