I'm going to write to my company's firewall admin, with a list of ports that I need to open for my job (sw development & integration). Am I forgetting some?
20 FTP data (File Transfer Protocol)
21 FTP (File Transfer Protocol)
22 SSH (Secure Shell)
23 Telnet
25 SMTP (Send Mail Transfer Protocol)
115 SFTP (Secure File Transfer Protocol)
161 SNMP (Simple Network Management Protocol)
194 IRC (Internet Relay Chat)
389 LDAP (Lightweight Directory Access Protocol)
443 SSL (Secure Socket Layer)
3690 SVN (Subversion)
On 01/08/2009 04:04 AM, snipped-for-privacy@gmail.com sent:
Possibly.
It might be good to list all your applications. What port(s) are used for your backups? Some smtp has gravitated to tcp 587. Do you wish to ping or be pinged? You posted to a newsgroup; tcp 119, 563? Do you want your clock sync'd; NTP udp 123. Do you use a browser? tcp 80,
8080. YMMV...
It might also be helpful to delineate udp/tcp.
A packet sniffer would be much better in the long run.
NOTE: Posting from groups.google.com (or some web-forums) dramatically reduces the chance of your post being seen. Find a real news server.
You are posting from a search engine. Did you try to put the title of this article in the 'search for' block? Here, let me help you:
Results 1 - 10 of about 350,000 for list of common ports. (0.20 seconds)
Yes, and you've got some wrong. You could start by getting
formatting link
OK - though FTP is not secure.
Telnet is not used very often, because it sends the username and password as ordinary text - that ANYONE can read, the same problem as FTP. Use ssh instead.
Simple Mail Transport Protocol - RFC0821 and RFC2821 which is incoming and outgoing mail TO THE WORLD. Why do you think you need these open?
That's funny. No, this is 'Simple File Transfer Protocol, an obsolete protocol (RFC0913) that _was_ used to provide files for booting a diskless computer - see RFC0951 for additional details. You want nothing to do with this service, or it's functional replacement Trivial File Transfer Protocol (RFC1350). Depending on your network and server configuration, you _MAY_ want ports 989 and 990 for FTP over SSL.
As you are not the firewall admin, and apparently have little detailed knowledge of networking and security, a better idea is to make a list of those services you need access to/from the Internet (in reality, this should be very few), and _WHY_ you need them - then provide that list to your firewall admin and let him determine the ports that need to be open.
There are three example of services that have no business being open to the world. Those are pretty large security holes no one needs.
Hard to tell, as you didn't specify what you want to actually DO.
For example, why do you require SMTP access to the Internet, or is it FROM the Internet? Do you want to set up your own mailserver? Do you want to set up a server that sends email to people outside (and why can't you relay through the company mail gateway)?
Besides... good heavens, why do you want to open the ports for "Security - Not My Problem"?
And while I can see the need for Subversion access for a software developer - is your company really hosting its Subversion repository on the Internet?
not easy, since before giving you a list of port we'd need to know which "services" you'll really need; at any rate, your list is missing some "basic" ports, that is
also, I'm not sure you may really need port 23, telnet isn't used so much these times, and usually when it comes to remote shell, SSH is the best choice; also, if you need to connect to a single external machine or network, I think that instead of opening up all those ports you may consider setting up a VPN either using SSL or IPSec
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.