Bill H
asked on
Ports to block security
hey guys,
i have a cloud server, and i'm looking for a list of essential ports to block to keep it safe. This wont be anything production so its not a big deal, but looking for a basic list.
Thanks
i have a cloud server, and i'm looking for a list of essential ports to block to keep it safe. This wont be anything production so its not a big deal, but looking for a basic list.
Thanks
ASKER
ok, im looking for standard ports to block please thats all.
Block ports 137, 138, 139, and 445
It's still better to block everything and whitelist the ones you want. It prevents random software from opening ports on you without your knowledge.
It's still better to block everything and whitelist the ones you want. It prevents random software from opening ports on you without your knowledge.
ASKER
thanks serial! what ports does SQL use? any other ports? are those all TCP or UDP?
Kind of doing an experiment here.
Kind of doing an experiment here.
They're a mix.
UDP on 138
TCP on 139
both on 137 & 445
SQL on 1433, and client ports are assigned a random value between 1024 and 5000.
UDP on 138
TCP on 139
both on 137 & 445
SQL on 1433, and client ports are assigned a random value between 1024 and 5000.
ASKER
I thought SQL used more than 1 port.
Client ports I'm not concerned with
Client ports I'm not concerned with
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
You're right. I found the SQL port information from this site
https://msdn.microsoft.com/en-us/library/cc646023.aspx
UDP port 1434
TCP port 1433
TCP port 433
TCP port 4022
TCP port 135
@Monika If you're going to cut and paste full text someone else's information from what appears to be some college website, please at least link to it and quote it. They deserve some credit.
https://msdn.microsoft.com/en-us/library/cc646023.aspx
UDP port 1434
TCP port 1433
TCP port 433
TCP port 4022
TCP port 135
@Monika If you're going to cut and paste full text someone else's information from what appears to be some college website, please at least link to it and quote it. They deserve some credit.
ASKER
Thanks guys!
Any others were missing?
Any others were missing?
If you're running a web server, you'd leave port 80 and port 443 or just port 443 open. You probably want to RDP to it, so you should open a port for RDP, although I suggest not using the standard port, unless you only allow certain known, fixed IPs through.