{"id":193,"date":"2011-08-29T10:11:00","date_gmt":"2011-08-29T10:11:00","guid":{"rendered":"https:\/\/belayclientstaging.zone\/securityeverafter\/2011\/08\/29\/control-13-limitation-and-control-of-network-ports-protocols-and-services\/"},"modified":"2011-08-29T10:11:00","modified_gmt":"2011-08-29T10:11:00","slug":"control-13-limitation-and-control-of-network-ports-protocols-and-services","status":"publish","type":"post","link":"https:\/\/securityeverafter.com\/control-13-limitation-and-control-of-network-ports-protocols-and-services\/","title":{"rendered":"Control 13: Limitation and Control of Network Ports, Protocols, and Services"},"content":{"rendered":"<p>Just as mentioned in <a href=\"http:\/\/www.securityeverafter.com\/2011\/07\/control-5-boundary-defense.html\">Control 5 Boundary Defense<\/a>, proper ingress and egress filtering should be in place. Diligently maintaining awareness of the traffic that is allowed into and out of your network is critical. <\/p>\n<p><a href=\"http:\/\/www.sourcefire.com\/\">SourceFire<\/a> <a href=\"http:\/\/www.sourcefire.com\/security-technologies\/cyber-security-products\/3d-system\/network-awareness\">RNA<\/a> Compliance Rules allow the administrator to create rules that mirror the firewall rules and alert when any other traffic occurs. This is configured in the administrative console at Policy &amp; Response, Compliance, Rule Management, Create or open a Group.&nbsp; Select If a flow event occurs and meets the following conditions. Add a condition such as if Payload is AOL Mail. This feature in RNA allows the user to define approved flows and respond to everything not specifically allowed. Policy violations and new traffic flows will become immediately apparent and will be complimentary to the traditional network firewall rules.<\/p>\n<p>Perform daily network discovery scans using <a href=\"http:\/\/nmap.org\/\">nmap<\/a>. Depending on the complexity of the network, multiple scanners may need to be deployed to ensure complete coverage. List the name of each service running on the network and attempt to justify its business need. Consider an <a href=\"http:\/\/nmap.org\/book\/ndiff-man-periodic.html\">nmap diff scan<\/a> to identify all hosts and their associated services. Using the diff option, results for the new scan are compared to the previous one, with only the changes being noted.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Just as mentioned in Control 5 Boundary Defense, proper ingress and egress filtering should be in place. Diligently maintaining awareness of the traffic that is allowed into and out of your network is critical. SourceFire RNA Compliance Rules allow the administrator to create rules that mirror the firewall rules and alert when any other traffic [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[20,21,22],"tags":[],"jetpack_publicize_connections":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.7 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Control 13: Limitation and Control of Network Ports, Protocols, and Services - Security Ever After - vCISO<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/securityeverafter.com\/control-13-limitation-and-control-of-network-ports-protocols-and-services\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Control 13: Limitation and Control of Network Ports, Protocols, and Services - Security Ever After - vCISO\" \/>\n<meta property=\"og:description\" content=\"Just as mentioned in Control 5 Boundary Defense, proper ingress and egress filtering should be in place. Diligently maintaining awareness of the traffic that is allowed into and out of your network is critical. SourceFire RNA Compliance Rules allow the administrator to create rules that mirror the firewall rules and alert when any other traffic [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/securityeverafter.com\/control-13-limitation-and-control-of-network-ports-protocols-and-services\/\" \/>\n<meta property=\"og:site_name\" content=\"Security Ever After - vCISO\" \/>\n<meta property=\"article:published_time\" content=\"2011-08-29T10:11:00+00:00\" \/>\n<meta name=\"author\" content=\"Russell\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@russelleubanks\" \/>\n<meta name=\"twitter:site\" content=\"@russelleubanks\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Russell\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/securityeverafter.com\/control-13-limitation-and-control-of-network-ports-protocols-and-services\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/securityeverafter.com\/control-13-limitation-and-control-of-network-ports-protocols-and-services\/\"},\"author\":{\"name\":\"Russell\",\"@id\":\"https:\/\/securityeverafter.com\/#\/schema\/person\/38dd34bdece8068be18430e4c96ce5f3\"},\"headline\":\"Control 13: Limitation and Control of Network Ports, Protocols, and Services\",\"datePublished\":\"2011-08-29T10:11:00+00:00\",\"dateModified\":\"2011-08-29T10:11:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/securityeverafter.com\/control-13-limitation-and-control-of-network-ports-protocols-and-services\/\"},\"wordCount\":220,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/securityeverafter.com\/#organization\"},\"articleSection\":[\"Automation\",\"Operational Security\",\"SANS Top 20 Controls\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/securityeverafter.com\/control-13-limitation-and-control-of-network-ports-protocols-and-services\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/securityeverafter.com\/control-13-limitation-and-control-of-network-ports-protocols-and-services\/\",\"url\":\"https:\/\/securityeverafter.com\/control-13-limitation-and-control-of-network-ports-protocols-and-services\/\",\"name\":\"Control 13: Limitation and Control of Network Ports, Protocols, and Services - Security Ever After - vCISO\",\"isPartOf\":{\"@id\":\"https:\/\/securityeverafter.com\/#website\"},\"datePublished\":\"2011-08-29T10:11:00+00:00\",\"dateModified\":\"2011-08-29T10:11:00+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/securityeverafter.com\/control-13-limitation-and-control-of-network-ports-protocols-and-services\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/securityeverafter.com\/control-13-limitation-and-control-of-network-ports-protocols-and-services\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/securityeverafter.com\/control-13-limitation-and-control-of-network-ports-protocols-and-services\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/securityeverafter.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Control 13: Limitation and Control of Network Ports, Protocols, and Services\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/securityeverafter.com\/#website\",\"url\":\"https:\/\/securityeverafter.com\/\",\"name\":\"Security Ever After - CISO\",\"description\":\"vCISO\",\"publisher\":{\"@id\":\"https:\/\/securityeverafter.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/securityeverafter.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/securityeverafter.com\/#organization\",\"name\":\"Security Ever After\",\"url\":\"https:\/\/securityeverafter.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/securityeverafter.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/i0.wp.com\/securityeverafter.com\/wp-content\/uploads\/2020\/04\/SECURITY-e1589664916497.jpg?fit=1169%2C826&ssl=1\",\"contentUrl\":\"https:\/\/i0.wp.com\/securityeverafter.com\/wp-content\/uploads\/2020\/04\/SECURITY-e1589664916497.jpg?fit=1169%2C826&ssl=1\",\"width\":1169,\"height\":826,\"caption\":\"Security Ever After\"},\"image\":{\"@id\":\"https:\/\/securityeverafter.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/russelleubanks\",\"https:\/\/www.linkedin.com\/in\/russelleubanks\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/securityeverafter.com\/#\/schema\/person\/38dd34bdece8068be18430e4c96ce5f3\",\"name\":\"Russell\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/securityeverafter.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/8567bffe1f64223494326650c53f921b?s=96&r=pg\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/8567bffe1f64223494326650c53f921b?s=96&r=pg\",\"caption\":\"Russell\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Control 13: Limitation and Control of Network Ports, Protocols, and Services - Security Ever After - vCISO","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/securityeverafter.com\/control-13-limitation-and-control-of-network-ports-protocols-and-services\/","og_locale":"en_US","og_type":"article","og_title":"Control 13: Limitation and Control of Network Ports, Protocols, and Services - Security Ever After - vCISO","og_description":"Just as mentioned in Control 5 Boundary Defense, proper ingress and egress filtering should be in place. Diligently maintaining awareness of the traffic that is allowed into and out of your network is critical. SourceFire RNA Compliance Rules allow the administrator to create rules that mirror the firewall rules and alert when any other traffic [&hellip;]","og_url":"https:\/\/securityeverafter.com\/control-13-limitation-and-control-of-network-ports-protocols-and-services\/","og_site_name":"Security Ever After - vCISO","article_published_time":"2011-08-29T10:11:00+00:00","author":"Russell","twitter_card":"summary_large_image","twitter_creator":"@russelleubanks","twitter_site":"@russelleubanks","twitter_misc":{"Written by":"Russell","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/securityeverafter.com\/control-13-limitation-and-control-of-network-ports-protocols-and-services\/#article","isPartOf":{"@id":"https:\/\/securityeverafter.com\/control-13-limitation-and-control-of-network-ports-protocols-and-services\/"},"author":{"name":"Russell","@id":"https:\/\/securityeverafter.com\/#\/schema\/person\/38dd34bdece8068be18430e4c96ce5f3"},"headline":"Control 13: Limitation and Control of Network Ports, Protocols, and Services","datePublished":"2011-08-29T10:11:00+00:00","dateModified":"2011-08-29T10:11:00+00:00","mainEntityOfPage":{"@id":"https:\/\/securityeverafter.com\/control-13-limitation-and-control-of-network-ports-protocols-and-services\/"},"wordCount":220,"commentCount":0,"publisher":{"@id":"https:\/\/securityeverafter.com\/#organization"},"articleSection":["Automation","Operational Security","SANS Top 20 Controls"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/securityeverafter.com\/control-13-limitation-and-control-of-network-ports-protocols-and-services\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/securityeverafter.com\/control-13-limitation-and-control-of-network-ports-protocols-and-services\/","url":"https:\/\/securityeverafter.com\/control-13-limitation-and-control-of-network-ports-protocols-and-services\/","name":"Control 13: Limitation and Control of Network Ports, Protocols, and Services - Security Ever After - vCISO","isPartOf":{"@id":"https:\/\/securityeverafter.com\/#website"},"datePublished":"2011-08-29T10:11:00+00:00","dateModified":"2011-08-29T10:11:00+00:00","breadcrumb":{"@id":"https:\/\/securityeverafter.com\/control-13-limitation-and-control-of-network-ports-protocols-and-services\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/securityeverafter.com\/control-13-limitation-and-control-of-network-ports-protocols-and-services\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/securityeverafter.com\/control-13-limitation-and-control-of-network-ports-protocols-and-services\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/securityeverafter.com\/"},{"@type":"ListItem","position":2,"name":"Control 13: Limitation and Control of Network Ports, Protocols, and Services"}]},{"@type":"WebSite","@id":"https:\/\/securityeverafter.com\/#website","url":"https:\/\/securityeverafter.com\/","name":"Security Ever After - CISO","description":"vCISO","publisher":{"@id":"https:\/\/securityeverafter.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/securityeverafter.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/securityeverafter.com\/#organization","name":"Security Ever After","url":"https:\/\/securityeverafter.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/securityeverafter.com\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/securityeverafter.com\/wp-content\/uploads\/2020\/04\/SECURITY-e1589664916497.jpg?fit=1169%2C826&ssl=1","contentUrl":"https:\/\/i0.wp.com\/securityeverafter.com\/wp-content\/uploads\/2020\/04\/SECURITY-e1589664916497.jpg?fit=1169%2C826&ssl=1","width":1169,"height":826,"caption":"Security Ever After"},"image":{"@id":"https:\/\/securityeverafter.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/russelleubanks","https:\/\/www.linkedin.com\/in\/russelleubanks\/"]},{"@type":"Person","@id":"https:\/\/securityeverafter.com\/#\/schema\/person\/38dd34bdece8068be18430e4c96ce5f3","name":"Russell","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/securityeverafter.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/8567bffe1f64223494326650c53f921b?s=96&r=pg","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/8567bffe1f64223494326650c53f921b?s=96&r=pg","caption":"Russell"}}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack-related-posts":[],"_links":{"self":[{"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/posts\/193"}],"collection":[{"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/comments?post=193"}],"version-history":[{"count":0,"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/posts\/193\/revisions"}],"wp:attachment":[{"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/media?parent=193"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/categories?post=193"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/securityeverafter.com\/wp-json\/wp\/v2\/tags?post=193"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}