topic identify ports between PCs in Network Security

identify ports between PCs

LionKin1984 — Tue, 12 Mar 2019 06:18:48 GMT

Hello Guys

I need to identify ports between two PCs so that I can lock them down via ACL on ASA5512-x, the problem is how do I know what ports should be allowed and what should be denied?

I am aware of 'netstat', but does it mean every single port on netstat needs to be opened?

Thanks

Your application-support-team

Karsten Iwen — Wed, 22 Jul 2015 08:06:24 GMT

Your application-support-team should be able to tell you which ports the PCs need. In reality, they typically don't know.

One way to find out is to start with a "deny ip any any" and wait for the complains. Then add the needed ACEs for communication that is desired.

Or start with an ACL that allows all, but also logs the traffic. There you can identify was is done by the PC, and allow all that is needed. After some time you just remove the last "permit ip any any"-line.

Thanks for your reply Karsten

LionKin1984 — Wed, 22 Jul 2015 08:11:19 GMT

Thanks for your reply Karsten, allow any any and log sounds like a brilliant idea, I ll try that

Cheers