From: Henry Sieff (hsiefforthodon.com)
Date: Thu Apr 04 2002 - 14:57:15 CST

    My recommendation would be to get Building Internet Firewalls from
    O'Reilly, Second Edition. It contains detailed descriptions of all
    protocols, including ports used, proxying characteristics, NAT'ing
    issues, as well as good general firewall design info. An invaluable
    resource for anyone starting on this. It's not free (and you can
    probably dig up all the info for free) but it's what I use when I have
    questions about a particular app.

    Basic rule: you want to deny all except those which you specifically
    need.

    --
    Henry Sieff
    (504) 620-3420
    

    > -----Original Message-----
    > From: Kevin Kaminski [mailto:Kevin.Kaminskitelus.com]
    > Sent: Thursday, April 04, 2002 12:55 PM
    > To: focus-mssecurityfocus.com
    > Subject: Detailed Port Filtering
    >
    >
    > I'm looking at building my first IP port firewall for my Windows 2000
    > Server. I have looked at IP port references such as
    > http://www.iana.org/assignments/port-numbers but it seems that the list is
    > not specific as to whether the protocol requires both TCP/UDP connections. I
    > have found a list that almost has what I am looking for
    > (http://www.chebucto.ns.ca/~rakerman/port-table.html) but it covers a
    > limited range of services. I could sit with a sniffer and take the server
    > through its paces but I was wondering if someone would know a good resource
    > that could help an NT Administrator make sound decisions while building a
    > port filter.