Security Protocols....

[cravenj]

What is the importance of using security protocols, such as IPSEC or L2TP? I would want to protect my server from outside malicious attacks.

[mmerkow]

Neither IPSec nor L2Tp will protect your Web site from malicious attacker or even survellivence attempts. To protect it you need to put it behind a firewall that will limit the types of traffic that can enter or leave your private network from and to the Internet.

IPSec and L2TP will protect the communications of those who have a remote, branch office, or extranet connection to privleged services on your network, but they will do nothing to protect the permiter of the network if there's an Internet connection to it (anywhere).

Hope this helps-

Mark Merkow, CCP, CISSP

[cravenj]

Thank you for your input. It is greatly appreciated. Forgive me for not fully understanding, but,... if I had a wireless router for example, would the router (with its firewall) be sufficient enough to prevent outside attacks...or would some configuration be necessary?

[mmerkow]

This is actually a great question and it would wonderful to see more people like you who are concerned about attacks on their Web servers...

The firewall on the Access Point may or may not be sufficient to protect any servers attached to it. Typically, the Access Point firewall is open to any traffic that is 'normal' for a business network, including HTTP, FTP, DCOM, ODBC, etc. If you do not need these ports open on the firewall, then close them (if you can) and 'harden' the Web server by removing unecessary programs (like FTP Server) if it's not in use for your business, otherwise you may find yourself as a target from hackers who use the server to store warez programs or other files you'd rather not let them store for free.

Your best best is to hire a security-savvy person who can check your configuration from your side of the network and turn off what is not needed and configure the firewall for maximum protection.

[cravenj]

Thanks for your guidance. I am pretty familiar with opening and closing of ports and it begins to make more sense to me now. It really is valuable information to know about and I would admonish all to research similar topics too and to be aware of the possibilities of hackers and malicious attacks on their servers. Thanks again for the heads up.

Jeff

[doctordon]

Is there any list of the ports used by various pieces of software so I can tell what ports I need to keep always open or can move to "port listening" (incoming port is opened only after an outgoing message on a specific port occurs)?

That would be a very useful lookup table for all firewalls, routers, etc.

Thanks,

[mmerkow]

Check out the Internet Assigned Numbers Registry at www.iana.org

[pfusco]

Hi Doc:

How did your "port listening" project turn out? Did you find what you needed at IANA?

[doctordon]

I am still compiling a list of all of the ports I need to set up listening on, etc. I have downloaded a few things (the IANA list, etc.) and made screenshots of others and I have checked the various software I've used (like pcAnywhere) to find the standard ports used. I'm almost thinking this might be a nice project to go onto my upcoming webpage as a public service. This way anyone seeing something which needs to be added can email me and I can be a clearing house.

If you know of any more resources, I'd like to get them. I have no poblem with attributing source sites for data, in fact, I insist on it so anyone who finds an error can determine if its mine or someone elses.

Thanks for checking back in. I am still learning about firewalls and all of that good stuff. I can usually figure out how to get one to work the way I need but I'd like to KNOW how to do this instead of having to guess.