Blocking ports 1024-1030 excessive?

I just blocked ports 1024-1030 as per

formatting link
was motivated by repeated requests to access that port (for some reason, many such request are coming from China).

Is it excessive to block them all? I use a laptop who's main connectivity is through dialup, though I sometimes hookup the ethernet connection to a campus LAN or a home network (a friend's router).

Reply to
Dubious Dude
Loading thread data ...

All incoming ports should be blocked so no one on the outside can see your system. Use a software firewall since you are on dial-up. There is no such thing as over kill on internet security.

Reply to
Woody

We see most of the inbound on many ports, but 445, 1026, 1433, 1434 are very common - we actually set the firewall to block any IP attempting to access our 445, 1026, 1433, 1434 ports for 20 minutes and then release the block. It's been amazingly effective at blocking compromised machines.

You should block anything that doesn't keep you from doing your work.

Reply to
Leythos

I am on dial-up and using a PFW and it's blocking those unsolicited inbound requests. So no I wouldn't waste my time setting additional rules as the PFW is knocking down that traffic. But if you want to feel comfortable setting the rules then you should do it. I also supplement the PFW solution with IPsec that's on the Win 2k and XP O/S(s) and it's knocking it all down and the PFW is not even logging the blocked traffic as it's not reaching it.

Duane :)

Reply to
Duane Arnold

Block everything, inbound and outbound, that's not known to be needed.

Ray

Reply to
Me

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.