Dear helpful people of reddit,
I’m currently trying to kick unnecessary open ports out of my workplace’s firewall. The workplace itself is a small shop with a lone macOS Sierra computer in the office. The office Mac is the only computer in the network (just used for accounting, emails, etc.).
I suspect that the Wi-Fi router came with prepared settings trying to make it as easy as possible for families, therefore making it a bit insecure for businesses. For example, ports for Kazaa and IRC were already open.
Long story short, I already compared the list of ports to the necessary ones for my router and for Apple.
What I’m struggling with are ports where I’m unsure whether they’re needed for a normal business workplace or not.
I compiled them in the following table:
| Portname | Port | Description |
|---|---|---|
| clients_1 | UDP/TCP (1024 - 4999) | Ephemeral Ports |
| clients_2 | UDP/TCP (32768 - 65535) | Ephemeral Ports |
| chargen | TCP (19) | Character Generation |
| exec | TCP (512) | Remote Process Execution |
| ftp | TCP (21) | File Transfer Protocol |
| gopher | UDP/TCP (70) | Gopher |
| msp | TCP (18) | Message Send Protocol |
| netware-ip | TCP (396) | Novell Netware |
| nntp (SSL) | TCP (563) | Usenet |
| npp | TCP (92) | Network Printing Protocol |
| rap | TCP (38) | Route Access Protocol |
| rlogin | TCP (513) | Remote Login |
| rpc | TCP (135) | Remote Procedure Call |
| rtelnet | TCP (107) | Remote Telnet |
| server | UDP/TCP (5000 - 32767) | ? |
| sftp | TCP (115) | Simple File Transfer Protocol |
| sqlserv | TCP (118) | SQL server |
| talk | UDP/TCP (517 - 518) | Talk, NTalk |
| terminal server | TCP (3389) | Microsoft Terminal Server |
| tftp | UDP (69) | Trivial File Transfer Protocol |
| unpriv | UDP/TCP (1024 - 65535) | unprivileged ports |
| uucp-path | TCP (117) | UUCP Path Service |
| x400 | TCP (102) | Microsoft Exchange Service |
I would really appreciate it if you could give me your advice or point me to the right website!
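
An added example, not part of the original post: a Python check over a subset of rows copied from the table above that reports rules already covered by a broader rule for the same protocols. It matters for this list because the `unpriv` range contains the `clients_1`, `clients_2`, `server` and `terminal server` ports, so deleting those entries closes nothing while `unpriv` stays. The function names are this example's own.

```python
import re

# Subset of rows copied from the post's table (name | ports | description).
RULES = """\
| clients_1 | UDP/TCP (1024 - 4999) | Ephemeral Ports |
| clients_2 | UDP/TCP (32768 - 65535) | Ephemeral Ports |
| chargen | TCP (19) | Character Generation |
| rpc | TCP (135) | Remote Procedure Call |
| server | UDP/TCP (5000 - 32767) | ? |
| talk | UDP/TCP (517 - 518) | Talk, NTalk |
| terminal server | TCP (3389) | Microsoft Terminal Server |
| tftp | UDP (69) | Trivial File Transfer Protocol |
| unpriv | UDP/TCP (1024 - 65535) | unprivileged ports |
"""

# Protocol list, then a single port or a "low - high" range; parentheses optional.
PORT_SPEC = re.compile(r"^([A-Z/]+)\s*\(?\s*(\d+)(?:\s*-\s*(\d+))?\s*\)?$")

def parse_rules(table):
    """Return a list of (name, protocols, low, high) from the table rows."""
    rules = []
    for line in table.splitlines():
        cells = [c.strip() for c in line.strip().strip("|").split("|")]
        if len(cells) != 3:
            continue
        m = PORT_SPEC.match(cells[1])
        if not m:
            continue  # header, separator or unparseable port column
        protos = frozenset(m.group(1).split("/"))
        low = int(m.group(2))
        high = int(m.group(3) or low)
        rules.append((cells[0], protos, low, high))
    return rules

def shadowed(rules):
    """Map each rule name to the broader rules that already cover it."""
    result = {}
    for name, protos, low, high in rules:
        covers = [n for n, p, lo, hi in rules
                  if n != name and protos <= p and lo <= low and high <= hi
                  and (p, lo, hi) != (protos, low, high)]
        if covers:
            result[name] = covers
    return result

if __name__ == "__main__":
    for name, covers in shadowed(parse_rules(RULES)).items():
        print(f"{name}: still open while {', '.join(covers)} exists")
```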