In an effort to continually improve the security of the University network, University IT will be initiating a series of measured modifications to firewall rule sets over the next several weeks. At first, we will be focusing on the more significant entry points for potential inappropriate activity. All communications associated with this effort will consist of a brief description of the changes as well as a description of the present-day risk and potential service impact.
Change to be applied 7/2/2008, 6:00 am:
Modify rules for hosts on the 128.151.50.X network to limit inbound traffic from the Internet to necessary ports and accept all traffic from University of Rochester networks, thereby limiting the direct exposure of servers on these networks to attacks from the Internet.
Existing firewall rules allow excessive traffic to servers on the 128.151.50 network. The open Internet-facing ports for these applications will be limited to ports 80 and 443 for SharePoint and other web servers, and port 3389 for Terminal Services. When servers are listening on ports that are not required for an application, they present an open door for intrusion and possible compromise of a system. Once a system is compromised, the integrity and availability of the applications and data present on that system are in question.