corecc
asked on
Firewall ports I can close
Hi,
I have a SBS 2008 server but reasonatly I moved to a Google apps so do not use the exchange functionality. I currenty opened the default ports on my firewall recommended by MS. Ports 25, 80, 443 , 987 and 1723. I also do not use a VPN. I have a client who is reviewing my securiy and they wants me to close all these ports. Will this affect anything and how unsafe is it to have these ports open?
Regards
Baz
I have a SBS 2008 server but reasonatly I moved to a Google apps so do not use the exchange functionality. I currenty opened the default ports on my firewall recommended by MS. Ports 25, 80, 443 , 987 and 1723. I also do not use a VPN. I have a client who is reviewing my securiy and they wants me to close all these ports. Will this affect anything and how unsafe is it to have these ports open?
Regards
Baz
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
As I look again at port 443 (SSL VPN) it can be used for other secure sites, so take care about closing it. You probably can, but just check the outcome. .... Thinkpads_User
ASKER
mmahaek, if ports 80 and 443 are for web traffic and I close them will it stop internet access?
And will it stop logmein working
And will it stop logmein working
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
If you close off port 80 it will stop web traffic. That seems to me to be unnecissarily restrictive. You probably can safely leave 443 open without big issue. I do not have issues with ports 80 or 443 at my clients (Juniper Netscreen Firewalls). .... Thinkpads_User
neil40m does have a point - 80 and 443 are safe to close if you are not running any other web sites on the server.
25 is safe to close if you do not have a e-mail server running.
987 and 1723 are safe to close if you don't host VPN.
25 is safe to close if you do not have a e-mail server running.
987 and 1723 are safe to close if you don't host VPN.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for you advise
Further research - TCP 987 is used by SBS for HTTPS access to SharePoint services in the Remote Web Workspace.
http://technet.microsoft.c om/en-us/l ibrary/sbs -2008-inst all-worksh eet(v=ws.1 0).aspx
http://technet.microsoft.c
Port 25 = mail traffic
Ports 80 and 443 = web traffic
Port 1723 = VPN traffic