Kim-- Others have contributed some URLs of port lists so I won't add to that. I will say however that if you are interested in learning if you are being attacked, look more to an IDS system than your FW.
For example, may people allow ssh acces to Unix boxes and hhtp access to Windows/IIS hosts. Your FW won't do much to alert you to the fact that someone is attempting a buffer-overflow attack (yes, you can selectively detect and block some traffic to/from specific hosts/nets but it isn't practical as a responsive measure in most cases). Your FW, along with router ACLs, IDS, proxy and content-checking servers are all just layers in your network security framework. Deploying and utilizing each layer properly will usually provide the best results. Chris -----Original Message----- From: Kim Longenbaugh To: [EMAIL PROTECTED] Sent: 11/20/01 8:45 AM Subject: [FW-1] list of ports used in exploits/hacks Is there a listing of ports used in hacks/exploits available? That would come in pretty handy and might be more useful for anyone trying to find out if they're being attacked than the regular list of ports. =============================================== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html =============================================== =============================================== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ===============================================
