Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Ports to block security

Posted on 2015-02-18
9
Medium Priority
?
321 Views
Last Modified: 2015-03-26
hey guys,

i have a cloud server, and i'm looking for a list of essential ports to block to keep it safe. This wont be anything production so its not a big deal, but looking for a basic list.

Thanks
0
Comment
Question by:Cobra25
  • 4
  • 4
9 Comments
 
LVL 31

Expert Comment

by:serialband
ID: 40618243
What does your server do?  You're going about it backwards.  The standard practice is to block everything except the ports you want running.

If you're running  a web server, you'd leave port 80 and port 443 or just port 443 open.  You probably want to RDP to it, so you should open a port for RDP, although I suggest not using the standard port, unless you only allow certain known, fixed IPs through.
0
 
LVL 4

Author Comment

by:Cobra25
ID: 40618248
ok, im looking for standard ports to block please thats all.
0
 
LVL 31

Expert Comment

by:serialband
ID: 40618252
Block ports 137, 138, 139, and 445

It's still better to block everything and whitelist the ones you want.  It prevents random software from opening ports on you without your knowledge.
0
2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

 
LVL 4

Author Comment

by:Cobra25
ID: 40618263
thanks serial! what ports does SQL use? any other ports? are those all TCP or UDP?

Kind of doing an experiment here.
0
 
LVL 31

Expert Comment

by:serialband
ID: 40618315
They're a mix.

UDP on 138
TCP on 139
both on 137 & 445

SQL on 1433, and client ports are assigned a random value between 1024 and 5000.
0
 
LVL 4

Author Comment

by:Cobra25
ID: 40618316
I thought SQL used more than 1 port.

Client ports I'm not concerned with
0
 
LVL 4

Accepted Solution

by:
Monika Bharti earned 2000 total points
ID: 40618538
Hi,

You have to start from all these essential ports to block security.

Port 19 (Chargen)
Blocked Inbound
This port is blocked the incoming service to enter in campus network.

Port 123 (NTP)
Blocked unapproved Server from In
This port is connected with NTP (Network Time Protocol). Due to continuing security weaknesses, incoming networks are only acceptable to connect to support NTP servers of campus.
 
Ports 135, 137, 138, and 139 (TCP and UDP Microsoft NetBIOS)
Blocked In and Out both services
In file sharing and windows file for windows NT/ME/98/95, these ports are used including Exchange Server and MS Outlook clients.

Ports 161-162 (SNMP)
Blocked only In service
These ports are generally used by SNMP (Network Monitoring Protocol). Due to continuing (ongoing) security liabilities, these ports are allowed to exit and blocked to enter in the campus network.
 
Port 445 TCP and UDP
Blocked In and out both service
For file sharing of Windows XP/2000 & 2003 these ports are used.
 
Ports 41170 and 1434 (Denial of service file sharing)
Blocked Both in and out
These ports are used DOS service for file sharing.
0
 
LVL 31

Expert Comment

by:serialband
ID: 40618769
You're right.  I found the SQL port information from this site
https://msdn.microsoft.com/en-us/library/cc646023.aspx

UDP port 1434
TCP port 1433
TCP port 433
TCP port 4022
TCP port 135

@Monika If you're going to cut and paste full text someone else's information from what appears to be some college website, please at least link to it and quote it.  They deserve some credit.
0
 
LVL 4

Author Comment

by:Cobra25
ID: 40624463
Thanks guys!

Any others were missing?
0

Featured Post

WatchGuard Case Study: NCR

With business operations for thousands of customers largely depending on the internal systems they support, NCR can’t afford to waste time or money on security products that are anything less than exceptional. That’s why they chose WatchGuard.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Suggested Courses

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question