Due to a recent increase in torrent and P2P usage on our network, and given the equipment and services currently available, we have decided that the best way to stop this without spending money is to block outbound access on all unknown ports at the firewall at our ISP. (Currently we have all outbound open.)
I need some advice on which ports need to be open for outbound.
We are going to leave the following open with restrictions.
Ports 80 and 443: Allowed only from our web proxy.
Port 21: Open outbound
Port 25: Allowed only from our authorised email servers.
Are there any other critical ports that need consideration? I assume DNS ports need to be open, or would a better option be to allow ALL out from our DCs/DNS servers?
Other inbound services that might need consideration: we have webmail, RPC over HTTP, PPTP VPN, BlackBerry, POP3, IMAP, and SQL replication from external. I am not sure if these need corresponding ports open for outbound responses. I might just open all outbound access from the servers hosting these.
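The egress policy listed in the question, written out as an iptables-restore ruleset. This is an added example, not something from the original post or the poster's network: the addresses are placeholders, the host lists are assumptions, and it is shown in iptables syntax for illustration even though the poster's firewall sits at the ISP. The ESTABLISHED,RELATED rule is what lets replies to inbound services (webmail, VPN, POP3/IMAP and so on) leave without a separate outbound hole per service, and the trailing LOG rule records whatever the default drop catches so any further legitimate needs show up in the logs rather than as silent breakage.

```shell
# Added example (not from the original post): emit an iptables-restore
# ruleset for the egress policy described above. All addresses are
# placeholders from the documentation range; replace with real hosts.
PROXY="192.0.2.10"                   # assumed web proxy
MAIL_SERVERS="192.0.2.20 192.0.2.21" # assumed authorised mail servers
DNS_SERVERS="192.0.2.30 192.0.2.31"  # assumed DC/DNS resolvers

egress_rules() {
    echo '*filter'
    # Default: nothing leaves unless a rule below allows it.
    echo ':FORWARD DROP [0:0]'
    # Return traffic for connections the firewall already accepted
    # (including replies to inbound webmail/VPN/POP3/IMAP sessions) is
    # matched by connection tracking, so no per-service outbound rule
    # is needed for responses.
    echo '-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    # HTTP/HTTPS only from the web proxy.
    for h in $PROXY; do
        echo "-A FORWARD -s $h -p tcp -m multiport --dports 80,443 -j ACCEPT"
    done
    # FTP control channel outbound from anywhere; the data channel is
    # picked up as RELATED when the nf_conntrack_ftp helper is loaded.
    echo '-A FORWARD -p tcp --dport 21 -j ACCEPT'
    # SMTP only from the authorised mail servers.
    for h in $MAIL_SERVERS; do
        echo "-A FORWARD -s $h -p tcp --dport 25 -j ACCEPT"
    done
    # DNS (UDP and TCP) only from the internal resolvers/DCs; clients
    # resolve through them rather than reaching the Internet directly.
    for h in $DNS_SERVERS; do
        echo "-A FORWARD -s $h -p udp --dport 53 -j ACCEPT"
        echo "-A FORWARD -s $h -p tcp --dport 53 -j ACCEPT"
    done
    # Rate-limited log of everything the default drop catches, so new
    # legitimate requirements are visible instead of failing silently.
    echo '-A FORWARD -m limit --limit 10/min -j LOG --log-prefix "EGRESS-DROP "'
    echo 'COMMIT'
}

# Print the ruleset; load with: egress_rules | iptables-restore
egress_rules
```

Because the LOG rule sits after every ACCEPT, the log shows exactly which source hosts and destination ports are being refused, which is the information needed to decide whether a given server really needs a wider outbound allowance.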