Difference between revisions of "Filtered Ports"

From XMission Wiki
Jump to: navigation, search
(remove the redundant redundancy)
Line 1: Line 1:
 
+
== DSL ==
== Network Wide ==
+
We currently filter (block) the following ports on all DSL and Dialup connections by default:
The following ports are filtered at XMission's borders, primarily due to their abuse in "Denial of Service" attacks.
 
  
 
*19 (udp) chargen
 
*19 (udp) chargen
*1900 (udp) SSDP
 
 
*53 (udp) domain - IP addresses that test positive for open recursion DNS servers
 
*53 (udp) domain - IP addresses that test positive for open recursion DNS servers
 
*123 (udp) ntp - IP addresses that test positive for open query NTP servers
 
*123 (udp) ntp - IP addresses that test positive for open query NTP servers
 
== DSL / Dialup ==
 
We currently filter (block) the following ports on all DSL and Dialup connections by default:
 
 
 
*135 (tcp, udp)
 
*135 (tcp, udp)
 
*137-139 (tcp, udp) NETBIOS
 
*137-139 (tcp, udp) NETBIOS
 
*445 (tcp, udp) Microsoft-DS (CIFS)
 
*445 (tcp, udp) Microsoft-DS (CIFS)
 +
*1900 (udp) SSDP
 
*1433, 1434 (udp) MS SQL Server
 
*1433, 1434 (udp) MS SQL Server
 
*4444 (tcp) Worm-sign
 
*4444 (tcp) Worm-sign

Revision as of 10:39, 9 September 2015

DSL

We currently filter (block) the following ports on all DSL and Dialup connections by default:

  • 19 (udp) chargen
  • 53 (udp) domain - IP addresses that test positive for open recursion DNS servers
  • 123 (udp) ntp - IP addresses that test positive for open query NTP servers
  • 135 (tcp, udp)
  • 137-139 (tcp, udp) NETBIOS
  • 445 (tcp, udp) Microsoft-DS (CIFS)
  • 1900 (udp) SSDP
  • 1433, 1434 (udp) MS SQL Server
  • 4444 (tcp) Worm-sign
  • 31337 (tcp) BackOrifice

We filter and block these ports by default to cut down on the number of 'drive-by' infections.

UTOPIA

At this time we do not have any filtered ports for customers specific to UTOPIA

Retrieved from "http://wiki.xmission.com/index.php?title=Filtered_Ports&oldid=7234"