Difference between revisions of "Filtered Ports"

From XMission Wiki
Jump to: navigation, search
(remove the redundant redundancy)
(Added Yellowstone and colocation information)
 
(2 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 +
== UTOPIA ==
 +
We do not filter any ports for UTOPIA customers.
 +
 +
 +
== Yellowstone Fiber ==
 +
We do not filter or block any ports on Yellowstone Fiber. However, while we are not filtering any ports, if you need port forwarding, please contact XMission for a static public IP address.
 +
 +
 +
== Colocation ==
 +
We do not filter any ports for colocation customers.
 +
  
== Network Wide ==
+
== Dialup ==
The following ports are filtered at XMission's borders, primarily due to their abuse in "Denial of Service" attacks.
+
We currently filter (block) the following ports on all Dialup connections by default:
  
 
*19 (udp) chargen
 
*19 (udp) chargen
*1900 (udp) SSDP
 
 
*53 (udp) domain - IP addresses that test positive for open recursion DNS servers
 
*53 (udp) domain - IP addresses that test positive for open recursion DNS servers
 
*123 (udp) ntp - IP addresses that test positive for open query NTP servers
 
*123 (udp) ntp - IP addresses that test positive for open query NTP servers
 
== DSL / Dialup ==
 
We currently filter (block) the following ports on all DSL and Dialup connections by default:
 
 
 
*135 (tcp, udp)
 
*135 (tcp, udp)
 
*137-139 (tcp, udp) NETBIOS
 
*137-139 (tcp, udp) NETBIOS
 
*445 (tcp, udp) Microsoft-DS (CIFS)
 
*445 (tcp, udp) Microsoft-DS (CIFS)
 +
*1900 (udp) SSDP
 
*1433, 1434 (udp) MS SQL Server
 
*1433, 1434 (udp) MS SQL Server
 
*4444 (tcp) Worm-sign
 
*4444 (tcp) Worm-sign
Line 19: Line 26:
  
 
We filter and block these ports by default to cut down on the number of 'drive-by' infections.
 
We filter and block these ports by default to cut down on the number of 'drive-by' infections.
 
== UTOPIA ==
 
At this time we do not have any filtered ports for customers specific to UTOPIA
 
  
 
[[Category:Troubleshooting]]
 
[[Category:Troubleshooting]]

Latest revision as of 09:08, 25 January 2023

UTOPIA

We do not filter any ports for UTOPIA customers.


Yellowstone Fiber

We do not filter or block any ports on Yellowstone Fiber. However, while we are not filtering any ports, if you need port forwarding, please contact XMission for a static public IP address.


Colocation

We do not filter any ports for colocation customers.


Dialup

We currently filter (block) the following ports on all Dialup connections by default:

  • 19 (udp) chargen
  • 53 (udp) domain - IP addresses that test positive for open recursion DNS servers
  • 123 (udp) ntp - IP addresses that test positive for open query NTP servers
  • 135 (tcp, udp)
  • 137-139 (tcp, udp) NETBIOS
  • 445 (tcp, udp) Microsoft-DS (CIFS)
  • 1900 (udp) SSDP
  • 1433, 1434 (udp) MS SQL Server
  • 4444 (tcp) Worm-sign
  • 31337 (tcp) BackOrifice

We filter and block these ports by default to cut down on the number of 'drive-by' infections.