commonly blocked ISP ports
Kim Onnel
karim.adel at gmail.com
Thu Sep 15 07:29:27 UTC 2005
Depends where you will put your ACL too,
we have this on our Ingress from the internet
10 deny ip 127.0.0.0 <http://127.0.0.0> 0.255.255.255
<http://0.255.255.255>any (118 matches)
20 deny ip 10.0.0.0 <http://10.0.0.0> 0.255.255.255
<http://0.255.255.255>any (23297 matches)
30 deny ip 172.16.0.0 <http://172.16.0.0> 0.15.255.255
<http://0.15.255.255>any (8 matches)
40 deny ip 192.168.0.0 <http://192.168.0.0> 0.0.255.255
<http://0.0.255.255>any (19 matches)
50 deny tcp any any eq 135 (6750649 matches)
60 deny udp any any eq 135 (20275 matches)
70 deny tcp any any eq 445 (18420302 matches)
80 deny udp any any eq 1026 (3481591 matches)
90 deny ip x.x.x.x 0.0.0.255 <http://0.0.0.255> any
where x.x.x.x is your IPs
and you could add bogons
But of course you might not want to block some of those as some home
customers could use them to connect back to their intranet, but those should
use tunnels IMHO.
On 9/15/05, Peter Dambier <peter at peter-dambier.de> wrote:
>
>
> There is only one port worth blocking:
>
> Block port 80 (http)
>
> All other ports might be in use for redirected ssh, telnet, ftp, ...
>
> Blocking port 80 will keep windows people from accidently clicking
> nonsense.
>
> :)
>
> Kind regards,
> Peter and Karin Dambier
>
>
> Luke Parrish wrote:
> >
> > Everyone,
> >
> > Does anyone have a reference point for commonly blocked ports?
> >
> > We have a list, some reactive and some proactive, however we need to
> > remove ports that are no longer a threat and add new ones as they are
> > published.
> >
> > Thanks
> > luke
> >
>
>
> --
> Peter and Karin Dambier
> Public-Root
> Graeffstrasse 14
> D-64646 Heppenheim
> +49-6252-671788 (Telekom)
> +49-179-108-3978 (O2 Genion)
> +49-6252-750308 (VoIP: sipgate.de <http://sipgate.de>)
> mail: peter at peter-dambier.de
> http://iason.site.voila.fr
> http://www.kokoom.com/iason
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20050915/593d2267/attachment.html>
More information about the NANOG
mailing list