Policy RWTH Firewall (EN)
Blocked Services
Traffic
| Service | Destination Port | Protocol | Direction | Comment |
|---|---|---|---|---|
| P2P | 411 - 412 1214 1412 1421 4660 - 4672 6346 6881 - 6889 6669 14662 | TCP/UDP | In/Out | Repeated Copyright Violation |
Security
| Service | Destination Port | Protocol | Direction | Comment |
|---|---|---|---|---|
| Various services | <1024 | TCP/UDP | In | Only to registered servers of the RWTH |
| epmap | 135 | TCP/UDP | Out | Only from registered clients of the RWTH, CA-2003-20 |
| unpriv-ports | <=40000 | TCP/UDP | In | Only to registered servers of the RWTH |
| bacnet | 47808 | UDP | In | |
| Netis Router | 53413 | UDP | In | to keep logfiles clean |
| IPv6 in IPv4 | 41 | In/Out | ||
| Diverse Protokolle | - | 53,55,57 | In | CA-2003-15 |
Blocked Networks
| Network | Reason | Comment |
|---|---|---|
| Unassigned /8 address blocks | Spoofing, unassigned | IANA |
| 10.0.0.0/8 | Private network | RFC 1918 |
| 172.16.0.0/12 | Private network | RFC 1918 |
| 192.168.0.0/16 | Private network | RFC 1918 |
| Diverse hosts | SSH, HTTP port scanning | Blast-o-mat Global |
| Diverse networks | SANS block list | SANS |
| Diverse hosts | Compromised hosts | Emerging Threats |
| Diverse hosts | Compromised hosts | Cisco Talos |
| Diverse Hosts | Compromised hosts | CINS |
| Diverse Hosts | Compromised hosts | Binary Defense |
| Diverse Hosts | Compromised hosts | SANS Top 100 |
| Diverse Hosts | Compromised hosts | Alienvault |
| Diverse Hosts | Compromised hosts | Blocklist.DE |
| Diverse Hosts | Compromised hosts | firehol.org (only hosts) |
| Diverse Hosts | Malicious | abuse.ch URLhaus (only HTTP) |
| 128.192.14.77/32 | SPAM | |
| 207.44.156.141/32, HTTP(S) | Content | RP Düsseldorf |
| 216.12.219.26/32, HTTP(S) | Content | RP Düsseldorf |
| 165.121.158.98/32, HTTP(S) | Content | RP Düsseldorf |
| 64.82.99.192/32, HTTP(S) | Content | RP Düsseldorf |
| - currently none - | Cracking | Spybot server |
