Configure the endpoint firewall to block operationally unneeded ports.

From Remote Endpoint STIG

Part of SRC-EPT-400 Operationally unneeded ports

Associated with IA controls: ECSC-1

SV-6804r1_rule Configure the endpoint firewall to block operationally unneeded ports.

Vulnerability discussion

Blocking all unneeded ports protects the device from potential attacks and worms. (Remote Only)

Check content

Inspect the configuration of the host-based firewall installed on the endpoint devices. Examples of ports which are needed for operation are as follows: SMTP, SSL, HTTP, and HTTPS. If other ports are open, request the IAO provide documented justification showing these ports are needed for site operations. If this documentation does not exist, this is a finding.

The method of access to the firewall configuration will vary with the actual software. However, in general, the configuration can be viewed by clicking on the program icon in the desktop tray or by using the Startup Programs menu. Select the Configuration or Settings button/option and view the advanced custom settings for the Internet Zone.
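The comparison this check describes can be scripted once the firewall's allow rules are exported as text. The following is an added example, not part of the STIG. The `allow <proto> <port[-port]>` export format, the port numbers assigned to SMTP, HTTP and HTTPS/SSL, and the justification register are all assumptions.

```python
# Added example: audit exported firewall allow rules against an approved port baseline.
# The rule format, port numbers and justification register are assumptions.

# Assumed well-known ports for the services the check names as operationally needed.
OPERATIONAL_PORTS = {("tcp", 25): "SMTP", ("tcp", 80): "HTTP", ("tcp", 443): "HTTPS/SSL"}

def parse_rule(line):
    """Parse 'allow tcp 8000-8002' into (proto, port range); None for non-allow lines."""
    fields = line.split("#", 1)[0].split()
    if len(fields) != 3 or fields[0].lower() != "allow":
        return None
    proto, spec = fields[1].lower(), fields[2]
    lo, _, hi = spec.partition("-")
    lo, hi = int(lo), int(hi or lo)
    if not (0 < lo <= hi <= 65535):
        raise ValueError(f"bad port spec: {spec}")
    return proto, range(lo, hi + 1)

def audit(rule_lines, justified):
    """Return sorted (proto, port) pairs that are open, not operational, and undocumented."""
    findings = set()
    for line in rule_lines:
        parsed = parse_rule(line)
        if parsed is None:
            continue
        proto, ports = parsed
        for port in ports:
            key = (proto, port)
            if key not in OPERATIONAL_PORTS and key not in justified:
                findings.add(key)
    return sorted(findings)

# Constructed sample export and justification register (not from any real endpoint).
SAMPLE_RULES = [
    "allow tcp 25",
    "allow tcp 80",
    "allow tcp 443",
    "allow tcp 3389      # remote desktop",
    "allow udp 5353",
    "allow tcp 8000-8002",
    "deny  tcp 23",
]
SAMPLE_JUSTIFIED = {("tcp", 3389): "IAO memo (placeholder reference)",
                    ("tcp", 8001): "IAO memo (placeholder reference)"}

if __name__ == "__main__":
    for proto, port in audit(SAMPLE_RULES, SAMPLE_JUSTIFIED):
        print(f"FINDING: {proto}/{port} open without documented justification")
```

Port ranges are expanded so that a justification covering one port in a range does not hide the others.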

Fix text

Block all unneeded ports.
