To maintain a secure network environment, we enforce network-wide inbound traffic blocks on the following ports. These ports are commonly exploited for unauthorized access, malware propagation, and cyberattacks.
135 - 139 (NetBIOS) – Prevents unauthorized file sharing and remote code execution.
445 (NetBIOS over TCP/IP) – Blocks SMB traffic to mitigate ransomware threats.
497 (Backup Software) – Protects backup systems from unauthorized access.
389 (LDAP - Lightweight Directory Access Protocol) – Prevents directory service exploitation.
68 (DHCP - Dynamic Host Configuration Protocol) – Secures IP address assignment from external tampering.
1433 - 1434 (SQL Server Ports) – Defends against database breaches and SQL injection attacks.
1025 (MS Scheduled Task Endpoint) – Mitigates remote execution vulnerabilities.
By blocking these high-risk ports, we:
Enhance network security by preventing unauthorized access.
Improve performance by reducing unnecessary traffic.
Mitigate cyber threats such as ransomware, DDoS, and SQL injection attacks.
Regularly auditing and updating firewall rules is critical to maintaining a robust cybersecurity posture.