
Question regarding open outgoing ports


  • Question regarding open outgoing ports

    Dear all,

    I have had someone come and tell me that it's standard practice to allow outgoing ports 1025 - 65535 TCP and UDP to be open.

    Three (3) questions immediately come to mind:
    1) Is it truly a standard practice?
    2) How wise is it to allow all of those outgoing ports to be open?
    3) In practice, what should I really be doing?

    (I am using a hardware appliance from WatchGuard if it makes any difference)

    Thanks in advance!


  • #2
    It is definitely BAD practice to open all outgoing ports; the main reason for this is reverse shell execution.

    The more outgoing ports you have open the more likely a potential hacker is to discover this and can then route his shell back out of this port.

    I never open any outgoing ports that are not needed, especially from a server. I know it can be a pain when you are troubleshooting and you don't have internet access on the server but it's definitely more secure.

    * Shamelessly mentioning "Don't forget to add reputation!"
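
Added example, not part of the original posts: a small audit that compares outbound allow rules against the services a server group actually needs, and flags rules such as the 1025 - 65535 TCP/UDP range from the question. The rule format, rule names, the "servers" group and the list of needed services are all constructed for illustration and are not WatchGuard syntax.

```python
# Added example: audit outbound (egress) allow rules against needed services.
# Rule names, the "servers" group and NEEDED are constructed for illustration.
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    name: str
    source: str   # host group the traffic leaves from
    proto: str    # "tcp" or "udp"
    ports: range  # destination ports allowed outbound


# Constructed policy: the blanket rules from the question plus two narrow ones.
RULES = [
    Rule("any-high-ports-tcp", "servers", "tcp", range(1025, 65536)),
    Rule("any-high-ports-udp", "servers", "udp", range(1025, 65536)),
    Rule("web-updates", "servers", "tcp", range(443, 444)),
    Rule("dns", "servers", "udp", range(53, 54)),
]

# Constructed list of what the servers need to reach: (proto, port).
NEEDED = {("tcp", 443), ("udp", 53), ("udp", 123)}


def audit(rules, needed):
    """Return (findings, unmet).

    findings: rules that allow ports nothing needs, with the excess count.
    unmet:    needed services that no rule covers.
    """
    findings, covered = [], set()
    for r in rules:
        wanted = {p for proto, p in needed if proto == r.proto and p in r.ports}
        covered |= {(r.proto, p) for p in wanted}
        excess = len(r.ports) - len(wanted)
        if excess:
            findings.append((r.name, r.proto, r.ports.start, r.ports.stop - 1, excess))
    return findings, sorted(needed - covered)


if __name__ == "__main__":
    findings, unmet = audit(RULES, NEEDED)
    for name, proto, lo, hi, excess in findings:
        print(f"{name}: {proto} {lo}-{hi} allows {excess} ports nothing needs")
    for proto, port in unmet:
        print(f"no rule covers needed {proto}/{port}")
```

Each blanket rule is reported as allowing 64511 unneeded ports while covering none of the listed services, and the audit also shows that the narrow rules still miss one needed service (udp/123).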


    • #3
      Thanks for the input - I thought it was a really bad practice.

      Are there really people out there who are trying to make a standard of having a set number of ports open by default?


      • #4
        There are so many cowboys out there it's untrue.

        Many get thrown in at the deep end and just don't have the fundamental knowledge to fully understand the job/technologies.
