VectorLinux

The nuts and bolts => Networking & Security => Topic started by: flip city on November 25, 2009, 04:47:15 pm

Title: router port blocking
Post by: flip city on November 25, 2009, 04:47:15 pm
Say Say,

 I am wondering about which ports should be considered for port blocking on my router ?? Please chime in with your suggestions. ::) 
Title: Re: router port blocking
Post by: rbistolfi on November 26, 2009, 10:24:08 am
I block all of them but my ssh port.
Title: Re: router port blocking
Post by: rbistolfi on November 26, 2009, 10:32:32 am
oh and I forward port 80 for testing web stuff, but I have not done much of that lately.
Title: Re: router port blocking
Post by: flip city on November 26, 2009, 02:09:03 pm
WOW...block all 65535 ports except  22 and forward port 80. talk about a lockdown ! Can your computer even breathe ?
Title: Re: router port blocking
Post by: rbistolfi on November 26, 2009, 03:54:27 pm
If I need to access some hidden port, I usually tunnel it over ssh1. So actually, by having a ssh port opened, you gain access to all the ports you may want in a secure way.
I change ssh port from 22 to something else, you still can find the port number with nmap, but you avoid a bunch of script kiddies who always try to exploit the default port.

1. http://www.ssh.com/support/documentation/online/ssh/winhelp/32/Tunneling_Explained.html
Title: Re: router port blocking
Post by: flip city on November 26, 2009, 05:43:37 pm
Sharp. sharp. ouch, that,s sharp ! Very good and thanks for sharing your security precautions. After reading up on the posted link, I shall implement and sleep like my cats !
Title: Re: router port blocking
Post by: meme88 on March 26, 2014, 01:38:00 am
I block all of them but my ssh port.