Re: Port Forwarding
- From: "Lanwench [MVP - Exchange]" <lanwench@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 16 Oct 2006 10:34:24 -0400
In news:78FAB2EE-38BC-4D01-8A86-E5B62F498698@xxxxxxxxxxxxx,
BenP <BenP@xxxxxxxxxxxxxxxxxxxxxxxxx> typed:
Hi Lanwench
Thanks for that.
I plan to close all the ports I can, once I know what ports the mx
record my domain name is sending. I have been told that is mite be
110 but I am not sure.
No. It's 25. *Everything* should be closed unless it is not needed - this
is true even for testing. It takes only a few nanoseconds for uninvited
visitors to get into your network.
As for the FTP server being in the DMZ, I am planning that once I
figure out how to do it with our existing hardware, our firewall is
built into our router. The FTP server is not high on my list of
things to sort right now.
Do not open up FTP access to a server on your LAN. This is a bad idea from a
security standpoint. Remember, it isn't malicious individuals you need to
worry about - there are lots of port scanners & zombie machines out there.
My main consern is sorting the port issue, and then working out why I
am having emails rejected from our SMTP. I have found out from AOL
who are rejecting our mail that:
The IP address you have supplied - xx.xxx.xxx.xxx - is listed as a
dynamic address on the MAPS DUL
I have requested that we are removed from this list but not heard
anything back as yet
In the meantime, you could try forwarding your outbound mail (esp to AOL) to
your ISP's SMTP server as a smarthost.
Thanks
Ben
"Lanwench [MVP - Exchange]" wrote:
In news:FF47EDA8-2625-4B6F-A5B2-35EC0F8247F7@xxxxxxxxxxxxx,
BenP <BenP@xxxxxxxxxxxxxxxxxxxxxxxxx> typed:
Hi all
Just a quick question, I have had my ISP forward our MX recort to
our static IP address. I have also setup that all ports are
forwarded from the router to our Exchange Server on our network.
Everything is working very well, even the smtp server I setup
works, but I am very worried about the security issue of having all
ports open on the router.
Does anyone have a list of ports I should and should not open, I am
running Exchange on one server, and a ftp & smtp server on another.
Exchange is on s Win2K3 SBS Enterprise R2 server and the ftp & smtp
server is on Win2K.
Thanks
Ben
P.S. I am also trying to get remote desktop working on Windows 2000
server
As to the ports you shouldn't have open - well, hard to say, but in
general, you should have none that you don't need, and none that are
going to invite trouble into your network. It would be easier to
answer your question if you posted a list of ports you have
open/forwarded now.
What is the other SMTP server for/ what is it doing now?
If you must use FTP, don't put it on your LAN - put it in your DMZ.
.
- References:
- Re: Port Forwarding
- From: Lanwench [MVP - Exchange]
- Re: Port Forwarding
- From: BenP
- Re: Port Forwarding
- Prev by Date: Re: Port Forwarding
- Next by Date: Re: Port Forwarding
- Previous by thread: Re: Port Forwarding
- Next by thread: Re: Port Forwarding
- Index(es):
Relevant Pages
|
