Previous Page | Next Page

  1. Introduction
  2. Your Needs
  3. What to Protect
  4. Security Policies
  5. Security Policy Requirements
  6. Incident Procedures
  7. Security Categories
  8. Software Vulnerability Control
  9. Hostile Software
  10. Network Layout
  11. Traffic Filtering
  12. Mail
  13. Firewall Protection
  14. Network Intrusion Detection
  15. Network Port Scanning
  16. Network Tools
  17. Passwords
  18. Types of Attacks
  19. Protocol Use
  20. Entry Points
  21. Cost
  22. Application Level Protection
  23. System Protection
  24. User Issues
  25. Other Recommendations
  26. Terms
  27. Credits

Security Protocol Use

Use services that send passwords only in encrypted form. Avoid telnet and FTP.

SNMP

Avoid the use of SNMP on routers since information for this protocol is not encrypted and can provide hackers with useful information about your network. Use SNMPv2 is SNMP use is necessary.

FTP

FTP uses port 21 for commands and 20 for data.

There are two types of FTP:

  • Standard FTP - All inbound ports above 1023 must be open.
  • Passive FTP - All outbound ports above 1023 must be open.

If FTP must be supported, the most secure way to support it through the firewall is to support passive FTP.