Avatar of corecc
corecc
 asked on

Firewall ports I can close

Hi,

I have a SBS 2008 server but reasonatly I moved to a Google apps so do not use the exchange functionality. I currenty opened the default ports on my firewall recommended by MS. Ports 25, 80, 443 , 987 and 1723. I also do not use a VPN. I have a client who is reviewing my securiy and they wants me to close all these ports. Will this affect anything and how unsafe is it to have these ports open?

Regards

Baz
SBSWindows Server 2008Windows Server 2003

Avatar of undefined
Last Comment
Mark Mahacek

8/22/2022 - Mon
SOLUTION
John

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
Mark Mahacek

If you do not need access to that server from the outside, then the ports should be safe to close.  Closing the ports should not affect internal access to the server.

Port 25 = mail traffic
Ports 80 and 443 = web traffic
Port 1723 = VPN traffic
John

As I look again at port 443 (SSL VPN) it can be used for other secure sites, so take care about closing it. You probably can, but just check the outcome. .... Thinkpads_User
corecc

ASKER
mmahaek, if ports 80 and 443 are for web traffic and I close them will it stop internet access?

And will it stop logmein working
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck
SOLUTION
Ashok Dewan

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
ASKER CERTIFIED SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
John

If you close off port 80 it will stop web traffic. That seems to me to be unnecissarily restrictive. You probably can safely leave 443 open without big issue. I do not have issues with ports 80 or 443 at my clients (Juniper Netscreen Firewalls). .... Thinkpads_User
Mark Mahacek

neil40m does have a point - 80 and 443 are safe to close if you are not running any other web sites on the server.

25 is safe to close if you do not have a e-mail server running.

987 and 1723 are safe to close if you don't host VPN.
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
corecc

ASKER
Thanks for you advise
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
Mark Mahacek

Further research - TCP 987 is used by SBS for HTTPS access to SharePoint services in the Remote Web Workspace.

http://technet.microsoft.com/en-us/library/sbs-2008-install-worksheet(v=ws.10).aspx