There are many sources that list common Trojans with the ports they use on the infected machines. Is it advisable...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
or practical to configure the firewall to block outgoing traffic from the internal network that originates from these ports? Why don't these sources also list the common ports that Trojans connect to, not just from?
Yes, it is a good idea to block these ports. In fact, it is usually a good idea to block all ports other than those in use by legitimate programs. In other words, define what ports you need open and close all the rest.
I cannot answer why these sources you mention do not list the ports that the Trojans might use, other than to say that the main issue with Trojans seems to be the data/resource stealing threat they pose.
For more info on this topic, please visit these SearchSecurity.com resources:
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.