[thelist] [OT?] help with port filtering

Chris W. Parker cparker at swatgear.com
Tue May 14 16:41:01 CDT 2002


hi.

i hope this isn't off topic because i can't think of any tips at the
moment. although i'll try to put one in anyways.

---------

we have a netopia r5300 t1 router for our company's broadband
connection. although it's not a *real* firewall it does have filtering
capabilities. so i would like to use what we've got and get some
filtering going on.

(all win2k machines, active directory, dns, dhcp for the clients.)

however, my problem is not knowing what to keep open. i know to keep
port 80 open for http, 443 for https, 25 for smtp... but that's about
where my research has led me. (to be clear, blocking ports on the
gateway [the t1 router] does not restrict flow on our intranet correct?)
here is a list of what we use that utilizes the internet... (basically
i'm not sure what hidden, or not-so-obvious ports are being used that i
should know about.)

http : 80
https : 443
smtp : 25
time service : (?)
outlook web access (i'll guess that owa utilizes both http or https?)
exchange2000, we only use smtp for sending mail, but i'm not sure if
there are any other ports related to exchange 2k and say, outlook web
access that i should be aware of.
dns : (?)
dhcp : (?)

no telnet, no ftp, no terminal services.


so. what do you guys think?


any and all ideas, questions, comments, resources, answers, anecdotes,
(and antidotes for that matter ;) testimonies, etc. will be helpful i'm
sure.

thanks,
chris.


