Specific Ports needed for reducing risks
Posted: 18 Dec 2016, 19:02
Hi Everyone,
I am trying to build a New Debian 8 (Jessie) Apache2 Server for a project. I would like to secure the Server as much as possible to keep risks level to a minimum, So far, I was able to install everything after several days of trial and error. Right now, I am at the Security level of my project and ran into some difficulties getting the Firewall to allow access to a few key resources.
1. I need to print reports to one of my network printers (same subnet and octet as the Server).
2. I would like to be able to map a network drive from my Windows 10 PC that contains support docs that I use during troubleshooting and installations.
3. I would like to remotely connect to the Server, utilizing my Windows 10 RDP Client.
So far, I am able to get RDP and Printer to work, but, I am having trouble getting the Drive Mapping connection to gain access. I was able to manually create a Network Folder and Map the Drive. However, the automated connection through the Samba Network Share Group when I can see my Domain and Network PCs is not working.
So far, here is the list of Ports that I have been able to allow to access the required resources:
TCP_IN = "20,21,22,25,42,53,80,110,113,443,587,993,995,42108,10000,111,3306,3389,40058,646,3350,139,445,35642,2200,43734,49261"
TCP_OUT = "20,21,22,25,42,53,80,110,113,443,587,993,995,42108,10000,111,3306,3389,40058,631,3350,139,445,35642,2200"
UDP_IN = "20,21,22,25,42,53,113,123,137,138,445,965,631,49677,696,707,5353,10000,47241,111,646,49843,971,34045,39962,68,23420,25937,34334,42158,50109,53053"
UDP_OUT = "20,21,22,25,42,53,113,123,137,138,445,631,49677,696,707,5353,10000,47241,111,646,49843,971,34045,39962,68"
I think this is way too many ports for such a small set of requirements. Can someone please let me know the list of Ports that I need for each section to minimize the Server risk level while providing full access to the Web site and its requirements?
Thank you for your support.
I am trying to build a New Debian 8 (Jessie) Apache2 Server for a project. I would like to secure the Server as much as possible to keep risks level to a minimum, So far, I was able to install everything after several days of trial and error. Right now, I am at the Security level of my project and ran into some difficulties getting the Firewall to allow access to a few key resources.
1. I need to print reports to one of my network printers (same subnet and octet as the Server).
2. I would like to be able to map a network drive from my Windows 10 PC that contains support docs that I use during troubleshooting and installations.
3. I would like to remotely connect to the Server, utilizing my Windows 10 RDP Client.
So far, I am able to get RDP and Printer to work, but, I am having trouble getting the Drive Mapping connection to gain access. I was able to manually create a Network Folder and Map the Drive. However, the automated connection through the Samba Network Share Group when I can see my Domain and Network PCs is not working.
So far, here is the list of Ports that I have been able to allow to access the required resources:
TCP_IN = "20,21,22,25,42,53,80,110,113,443,587,993,995,42108,10000,111,3306,3389,40058,646,3350,139,445,35642,2200,43734,49261"
TCP_OUT = "20,21,22,25,42,53,80,110,113,443,587,993,995,42108,10000,111,3306,3389,40058,631,3350,139,445,35642,2200"
UDP_IN = "20,21,22,25,42,53,113,123,137,138,445,965,631,49677,696,707,5353,10000,47241,111,646,49843,971,34045,39962,68,23420,25937,34334,42158,50109,53053"
UDP_OUT = "20,21,22,25,42,53,113,123,137,138,445,631,49677,696,707,5353,10000,47241,111,646,49843,971,34045,39962,68"
I think this is way too many ports for such a small set of requirements. Can someone please let me know the list of Ports that I need for each section to minimize the Server risk level while providing full access to the Web site and its requirements?
Thank you for your support.