Friday, March 22, 2019

Necessary open ports for business

Dear helpful people of reddit,

I’m currently trying to kick out unnecessary open ports out of my workplace’s firewall. The workplace itself is a small shop with a lone macOS Sierra computer in the office. The office mac is the only computer in the network (just used for accounting, eMails, etc).

I suspect that the wifi router came with prepared settings trying to make it as easy as possible for families, therefore making it a bit unsecure for businesses. For example, ports for Kazaa and IRC were already open.

Long story short, I already compared the list of ports to the necessary ones for my router and for Apple.

What I’m struggling with are ports where I’m unsure whether they’re needed for a normal business workplace or not.

I compiled them in the following table:

Portname Port Description
clients_1 UDP/TCP (1024 - 4999) Ephemeral Ports
clients_2 UDP/TCP (32768 - 65535) Ephemeral Ports
chargen TCP (19) Character Generation
exec TCP (512) Remote Process Execution
ftp TCP (21) File Transfer Protocol
gopher UDP/TCP (70) Gopher
msp TCP (18) Message Send Protocol
netware-ip TCP (396) Novell Netware
nntp (SSL) TCP (563) Usenet
npp TCP (92) Network Printing Protocol
rap TCP (38) Route Access Protocol
rlogin TCP (513) Remote Login
rpc TCP (135) Remote Procedure Call
rtelnet TCP (107) Remote Telnet
server UDP/TCP (5000 - 32767) ?
sftp TCP 115 Simple File Transfer Protocol
sqlserv TCP 118 SQL server
talk UDP/TCP (517 - 518) Talk, NTalk
terminal server TCP (3389) Microsoft Terminal Server
tftp UDP (69) Trivial File Transfer Protocol
unpriv UDP/TCP (1024 - 65535) unprivileged ports
uucp-path TCP (117) UUCP Path Service
x400 TCP (102) Microsoft Exchange Service

I would really appreciate if you could give me your advice or point me to the right website!



No comments:

Post a Comment