Subject: | |
From: | |
Reply To: | |
Date: | Thu, 19 Apr 2007 09:29:26 -0500 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
When we first got a firewall we decided to start that way and only open
what we needed inbound and outbound. It can be a pain when we need to
open something new, but it does help with P2P and other such things
since most of the higher end ports they require are closed.
-----Original Message-----
From: Cisco Clean Access Users and Administrators
[mailto:[log in to unmask]] On Behalf Of Alex Lanstein
Sent: Wednesday, April 18, 2007 4:45 PM
To: [log in to unmask]
Subject: Re: [Offtopic] Nintendo Wii
yikes - it's not bob jones university per chance is it?
joking aside, what is the reasoning behind blocking all outbound ports
except those specifically sanctioned?
Grzeczka, Timothy J. wrote:
> We actually really hammer down on outbound ports. Many things don't
work
> 24/7 off our network. Things like video game consoles and games only
> work off hours on the weekend:
>
> Fridays 5pm - Saturday 7am
> Saturday 5pm - Monday 7am
>
> We also only open outbound ports based on need.
>
> -----Original Message-----
> From: Cisco Clean Access Users and Administrators
> [mailto:[log in to unmask]] On Behalf Of Cal Frye
> Sent: Wednesday, April 18, 2007 3:54 PM
> To: [log in to unmask]
> Subject: Re: [Offtopic] Nintendo Wii
>
> Grzeczka, Timothy J. wrote:
>
>> I have done some research on the Wii and other game systems to get
>>
> them
>
>> to work through our firewall. It's a matter of opening specific
>>
> outbound
>
>> ports. I found this info on Nintendo's website:
>> http://www.nintendo.com/consumer/systems/wii/en_na/onlineFirewall.jsp
>>
>> TCP: Allow traffic to all destinations on ports: 28910, 29900, 29901,
>> 29920, 80, and 443
>>
>
> Just curious, what /outbound/ ports do you block, besides the obvious
> NetBIOS, and relatively few others?
>
>
|
|
|