ports

Discussion in 'Networks' started by greenbrucelee, Feb 20, 2009.

  1. greenbrucelee
    Just reading up on ports and a question popped into my head.

    What would happen if all ports were blocked apart from the usual ones for HTTP and FTP, like 20, 21 and 80, with all others blocked?
     
    Certifications: A+, N+, MCDST, Security+, 70-270
    WIP: 70-620 or 70-680?
  2. mattstevenson

    Then you'd be able to view some webpages (Not necessarily in full), and make FTP transfers. Nothing else.
    Mind you, without 53 open, you probably wouldn't be able to resolve the URLs against their respective IPs, so web browsing might be out of the question. Anyone want to answer that one for me please? :) Ha.
     
    Certifications: Triple A+. Network+, CCENT
    WIP: MCP, ICND2, Sec+
  3. greenbrucelee
    I did forget 53. So would having the rest blocked cause any problems with, say, automatic application updates etc., such as Windows?
     
  4. zebulebu

    Blocked outbound or inbound? Technically most firewalls now don't overtly 'block' access to specific ports - they filter it. If you 'block' a port it indicates that there may be something sat there that could be worth attacking. A 'proper' firewall solution should also block outbound ports to prevent already compromised hosts from communicating with the outside world (think bots trying to communicate via IRC or SMTP) - so that you only allow your hosts to connect out to the Internet via a defined proxy (you can also implement proper filtering policies at this chokepoint so that, for example, your acceptable use policy can be enforced via web-filtering software).

    In short, if you portscan your external IP from another external IP you shouldn't see 'any' ports on that IP address except any you have specifically opened up - e.g. port 80/443 for a webserver, 25 for SMTP etc.
     
    Certifications: A few
    WIP: None - f*** 'em
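
The difference zebulebu describes between a port that answers and one that stays silent is visible in how a TCP connect attempt ends, and it can be checked against the intended policy for an address you administer. This is an added example, not part of the original thread; `probe`, `audit` and `demo` are hypothetical names, and the loopback targets are constructed so that it runs offline.

```python
import socket

def probe(host, port, timeout=1.0):
    """Classify one TCP port by how a connect attempt to it ends."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"      # handshake completed: something is listening
    except ConnectionRefusedError:
        return "closed"    # a reset came back: the host answered "no"
    except OSError:
        return "filtered"  # timeout or unreachable: nothing useful came back
    finally:
        s.close()

def audit(host, ports, allowed, timeout=1.0):
    """Return (port, state, note) for every result that deviates from policy."""
    findings = []
    for port in ports:
        state = probe(host, port, timeout)
        if state == "open" and port not in allowed:
            findings.append((port, state, "reachable but not in policy"))
        elif state == "closed":
            findings.append((port, state, "refused instead of silently dropped"))
        elif state == "filtered" and port in allowed:
            findings.append((port, state, "in policy but not reachable"))
    return findings

def demo():
    """Constructed loopback targets: one listener and one bound, idle port."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    idle = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    idle.bind(("127.0.0.1", 0))  # bound but never listening, so connects are refused
    open_port, idle_port = listener.getsockname()[1], idle.getsockname()[1]
    try:
        # Policy here allows nothing, so both results are reported.
        return open_port, idle_port, audit("127.0.0.1", [open_port, idle_port], set())
    finally:
        listener.close()
        idle.close()

if __name__ == "__main__":
    for finding in demo()[2]:
        print(finding)
```

An empty list from `audit` means every probed port matched the policy: allowed ports accepted the connection and everything else gave no reply.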
  5. greenbrucelee
    I am going to do a port scan when I get home tonight. With my firewall everything is blocked unless I have a policy set up for it (this goes for inbound and outbound). I have never had an alert yet but have had attempts recorded when looking at the firewall logs.

    Is there any way I could make it more secure or am I being a bit paranoid?
     
  6. zebulebu

    GBL - Why don't you PM me your external IP and I'll run a quick nmap scan against it? That will pick up anything obvious - provided a port-scan doesn't throw up anything untoward you should be OK - there are other methods of 'finding' you, but tbh unless you're a legitimate bona fide target, there's waaaaay too much low-hanging fruit out there for anyone to bother trying to rinse you!
     
  7. greenbrucelee
    OK, I'll send you it. I won't be home until 6.45ish so I will do it then if that's OK. (I couldn't tell you it off the top of my head.)
     
  8. Mr.Cheeks

    Is it not 192.168.1.2? That's what mine is.
     
  9. greenbrucelee
    Nah, .1 at the end, but it's the WAN one, 66. something or other :oops:
     
  10. zebulebu

    That's your internal (private) address. The WAN address is what I need - that's what your 'external' IP address is and that's how you can communicate with the outside world.
     
  11. zebulebu

    NP - make sure it's a PM though, for obvious reasons :)
     
  12. Mr.Cheeks

    LOL!
    I knew that already - was just messing about! :twisted:
     
  13. zebulebu

    LAWL - you obviously need to be a bit blunter in your sarcasm - that was far too subtle for a thick-headed tool like me :)
     
