skip to primary navigationskip to content
 

Technical summary of port blocking for high-numbered incoming ports

If an institution has opted in to the scheme, tcp and udp packets with a destination port number in the range 1024-63999 will be rejected where they enter an institution's network from the CUDN, subject agreed exceptions by IP address or by port. The blocking is introduced in two stages:

  1. A period of monitoring is undertaken to determine whether the exceptions listed below will be adequate, or whether additional exceptions are needed.
  2. After agreeing the exceptions with the institution's IT staff, the blocking is activated.

Based on experience to date, the exceptions in the following table are used as a starting point for most institutions. The table may be updated in the light of further experience.

Destination
port/protocol
Source
port
Source
addresses
UseComment
any/tcp any any any only for established tcp connections
any/udp less than
1024
any any (e.g. response from nameservers)
6000/tcp
6001/tcp
any any X-windows
8008/tcp
8080/tcp
any any alternatives
for http
any/tcp 20 any ftp-data
any any 131.111.8.0/23
131.111.3.0/24
172.16.3.0/24
central servers
(incl. PWF)

Contact

If you have any enquiries regarding UIS network services, or other University network topics, please send an email to:

UIS Service Desk


  Phone padded  01223 332999

UIS bITe-size bulletin


A regular newsletter aimed at the University's IT community, highlighting service and project news from UIS.

Sign up >  |  Back issues

UIS Service Status

Phone padded  Service status line: (01223) 463085
Website padded  Sign up for SMS/email status alerts

RSS Feed Latest news

Changes to the Friendly Probing Suite on 19 August

Aug 06, 2019

We'll be adjusting the vulnerability ratings on the new Friendly Probing Suite and decommissioning the old service on Monday 19 August.

Lecture capture: Panopto planned maintenance on Saturday 10 August

Aug 05, 2019

Lecture capture recordings will be unavailable during the evening of Saturday 10 August because Panopto is undergoing an upgrade.

View all news