Security Protocol Use
Use services that send passwords only in encrypted form. Avoid telnet and FTP.
Avoid the use of SNMP on routers since information for this protocol is not encrypted and can provide hackers with useful information about your network. Use SNMPv2 is SNMP use is necessary.
FTP uses port 21 for commands and 20 for data.
There are two types of FTP:
- Standard FTP - All inbound ports above 1023 must be open.
- Passive FTP - All outbound ports above 1023 must be open.
If FTP must be supported, the most secure way to support it through the firewall is to support passive FTP.