Filtered Ports: Difference between revisions

From XMission Wiki
Jump to navigation Jump to search
← Older editNewer edit →
remove the redundant redundancy
Jorgen (talk | contribs)
12 edits
No edit summary
Line 1: Line 1:
 
== DSL ==
== Network Wide ==
We currently filter (block) the following ports on all DSL and Dialup connections by default:
The following ports are filtered at XMission's borders, primarily due to their abuse in "Denial of Service" attacks.


*19 (udp) chargen
*19 (udp) chargen
*1900 (udp) SSDP
*53 (udp) domain - IP addresses that test positive for open recursion DNS servers
*53 (udp) domain - IP addresses that test positive for open recursion DNS servers
*123 (udp) ntp - IP addresses that test positive for open query NTP servers
*123 (udp) ntp - IP addresses that test positive for open query NTP servers
== DSL / Dialup ==
We currently filter (block) the following ports on all DSL and Dialup connections by default:
*135 (tcp, udp)
*135 (tcp, udp)
*137-139 (tcp, udp) NETBIOS
*137-139 (tcp, udp) NETBIOS
*445 (tcp, udp) Microsoft-DS (CIFS)
*445 (tcp, udp) Microsoft-DS (CIFS)
*1900 (udp) SSDP
*1433, 1434 (udp) MS SQL Server
*1433, 1434 (udp) MS SQL Server
*4444 (tcp) Worm-sign
*4444 (tcp) Worm-sign

Revision as of 10:39, 9 September 2015

DSL

We currently filter (block) the following ports on all DSL and Dialup connections by default:

  • 19 (udp) chargen
  • 53 (udp) domain - IP addresses that test positive for open recursion DNS servers
  • 123 (udp) ntp - IP addresses that test positive for open query NTP servers
  • 135 (tcp, udp)
  • 137-139 (tcp, udp) NETBIOS
  • 445 (tcp, udp) Microsoft-DS (CIFS)
  • 1900 (udp) SSDP
  • 1433, 1434 (udp) MS SQL Server
  • 4444 (tcp) Worm-sign
  • 31337 (tcp) BackOrifice

We filter and block these ports by default to cut down on the number of 'drive-by' infections.

UTOPIA

At this time we do not have any filtered ports for customers specific to UTOPIA

Retrieved from "https://wiki.xmission.com/index.php?title=Filtered_Ports&oldid=7234"