Date: Fri, 12 Feb 1999 14:37:10 -0700 (MST)
From: wildcardus freakis <wildcard@dax.belen.k12.nm.us>
To: freebsd-questions@FreeBSD.ORG
Subject: Queer Behavior...
Message-ID: <Pine.BSF.3.96.990212135911.20488A-100000@dax.belen.k12.nm.us>

Hey Y'all...

I ran into something weird today when I was trying to tighten up security in my firewall rules. I wrote these rules keeping in mind the obvious junk like DNS, TELNET, SSH, etc.... The goal was to lock up as many ports as possible without kinking normal stuff...

#$fwcmd add 0556 deny log tcp from any to ${oip} 11
#$fwcmd add 0557 deny log udp from any to ${oip} 11
#$fwcmd add 0558 deny log tcp from any to ${oip} 37
#$fwcmd add 0559 deny log udp from any to ${oip} 37
#$fwcmd add 0660 allow udp from any to ${oip} 123
#$fwcmd add 0660 allow tcp from 192.168.1.2 to ${oip}
#$fwcmd add 0660 allow tcp from 206.206.121.11:8080 to ${oip}
#$fwcmd add 0660 allow udp from 206.206.121.11:8080 to ${oip}
#$fwcmd add 0660 deny log tcp from any to ${oip} 109-1079
#$fwcmd add 0661 deny log udp from any to ${oip} 109-1079
#$fwcmd add 0662 deny log tcp from any to ${oip} 4000-5999
#$fwcmd add 0663 deny log udp from any to ${oip} 4000-5999
#$fwcmd add 0664 deny log tcp from any to ${oip} 6000-49999
#$fwcmd add 0665 deny log udp from any to ${oip} 6000-49999

OK. When I loaded these rules in, every Windows machine in my domain came up with this error... and obviously could not access the web or anything, inc. telnet to other domains:

Fatal Exception 0E has occurred at somestupidmemadd in VXD MSTCP(01) + 000092F7

Can anyone tell me why? Also, where can I find a list of all ports 1-50000 (not /etc/services)... Does M$loth crap use non-standard ports for web connections and stuff? What was really weird was that I could still access everything fine from my UNIX/FREEBSD machines, just not MSWINDOWS crap. Does anyone have a list of ports that are not necessary and can be blocked?

Thanks.
Sasha

-----BEGIN GEEK CODE BLOCK-----
GCM/CS/CC/GO d--- s: a--- C+++(++++) ULB+++(++++) P+ L++(+++) E--- W+(++) N+ O K---- W---- O M-- V PS! PE!
Y++ PGP++(+++) t++:+++> 5++ X++@ R+@ tv++ b++:+++> DDI+++ D++ G++:+++> e:+> h*:++@ r- !y+
-----END GEEK CODE BLOCK-----
www.geekcode.com

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2

mQCNAza/c7UAAAEEAOmJDB7LkJqynF6nlLRNTLPq23PKnU5G+mNCACKJBlzwJuQ8
tohYSan+4QKY0l6Ton547LU/r49YNIx8tqACfLhbyMWiumOL1cRCYMufCnjEeWDa
d73LbKRvHgyMcGopiAIqLk7ieJ/Xc6joVN3GojpM3Zoy96dSUyTheUku+Y9tAAUR
tB93aWxkY2FyZEBpbi1kYXguYmVsZW4uazEyLm5tLnVz
=UM6D
-----END PGP PUBLIC KEY BLOCK-----

This is the way the world ends
This is the way the world ends
This is the way the world ends
Not with a Bang, but with a whimper.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
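
Added example (not part of the original message, and not FreeBSD's own code): a first-match walk over the rules posted above, showing which rule decides the fate of a few constructed packets addressed to ${oip}. The address 203.0.113.1 standing in for ${oip} and all sample packets are assumptions; the two 206.206.121.11:8080 rules are left out of the model.

```python
# First-match evaluation of the posted rule set. ipfw checks rules in
# number order (insertion order for equal numbers); the first match decides.
# None of the posted rules use "setup" or "established", so each one is
# applied to every packet of that protocol, replies included.
OIP = "203.0.113.1"  # constructed stand-in for ${oip}

# (number, action, proto, source, destination port range; None = any port)
RULES = [
    (556, "deny", "tcp", "any", (11, 11)),
    (557, "deny", "udp", "any", (11, 11)),
    (558, "deny", "tcp", "any", (37, 37)),
    (559, "deny", "udp", "any", (37, 37)),
    (660, "allow", "udp", "any", (123, 123)),
    (660, "allow", "tcp", "192.168.1.2", None),
    (660, "deny", "tcp", "any", (109, 1079)),
    (661, "deny", "udp", "any", (109, 1079)),
    (662, "deny", "tcp", "any", (4000, 5999)),
    (663, "deny", "udp", "any", (4000, 5999)),
    (664, "deny", "tcp", "any", (6000, 49999)),
    (665, "deny", "udp", "any", (6000, 49999)),
]

def first_match(proto, src, dst, dport):
    """Return (number, action) of the deciding rule, or None when the
    packet falls through to whatever rules follow this excerpt."""
    if dst != OIP:
        return None
    for number, action, rproto, rsrc, ports in RULES:
        if rproto != proto:
            continue
        if rsrc != "any" and rsrc != src:
            continue
        if ports is not None and not ports[0] <= dport <= ports[1]:
            continue
        return (number, action)
    return None

# Constructed sample packets: (label, proto, source, destination, dest port)
SAMPLES = [
    ("web reply to local port 1030", "tcp", "198.51.100.7", OIP, 1030),
    ("web reply to local port 2500", "tcp", "198.51.100.7", OIP, 2500),
    ("web reply to local port 4500", "tcp", "198.51.100.7", OIP, 4500),
    ("NTP to port 123", "udp", "198.51.100.9", OIP, 123),
    ("tcp from 192.168.1.2", "tcp", "192.168.1.2", OIP, 1030),
]

if __name__ == "__main__":
    for label, *packet in SAMPLES:
        print(f"{label:30} -> {first_match(*packet)}")
```

The UDP 123 packet is allowed only because the allow at 0660 is listed before the 109-1079 deny at 0661, which would otherwise cover it.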