Q

What ports do I close to keep out Trojans?

There are many sources that list common Trojans with the ports they use on the infected machines. Is it advisable...

or practical to configure the firewall to block outgoing traffic from the internal network that originates from these ports? Why don't these sources also list the common ports that Trojans connect to, not just from?

Yes, it is a good idea to block these ports. In fact, it is usually a good idea to block all ports other than those in use by legitimate programs. In other words, define what ports you need open and close all the rest.

I cannot answer why these sources you mention do not list the ports that the Trojans might use, other than to say that the main issue with Trojans seems to be the data/resource stealing threat they pose.


For more info on this topic, please visit these SearchSecurity.com resources:
  • Best Web Links: Common vulnerabilities and prevention tips
  • On-demand webcast: Malicious Code -- What to do?
  • White paper: Computer viruses -- What you need to know to protect yourself and your company

  • This was last published in September 2003

    Dig Deeper on Malware, Viruses, Trojans and Spyware

    PRO+

    Content

    Find more PRO+ content and other member only offers, here.

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    Start the conversation

    Send me notifications when other members comment.

    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

    Please create a username to comment.

    -ADS BY GOOGLE

    SearchCloudSecurity

    SearchNetworking

    SearchCIO

    SearchConsumerization

    SearchEnterpriseDesktop

    SearchCloudComputing

    ComputerWeekly

    Close