## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team, and may not be under a free licence. Please satisfy yourself as to
## your rights to use the software. Also, please note that software in
## multiverse WILL NOT receive any review or updates from the Ubuntu
## security team.
deb http://archive.ubuntu.com/ubuntu jammy multiverse
# deb-src http://in.archive.ubuntu.com/ubuntu/ jammy multiverse
deb http://archive.ubuntu.com/ubuntu jammy-updates multiverse
# deb-src http://in.archive.ubuntu.com/ubuntu/ jammy-updates multiverse
## N.B. software from this repository may not have been tested as
## extensively as that contained in the main release, although it includes
## newer versions of some applications which may provide useful features.
## Also, please note that software in backports WILL NOT receive any review
## or updates from the Ubuntu security team.
deb http://archive.ubuntu.com/ubuntu jammy-backports multiverse main restricted universe
deb-src http://archive.ubuntu.com/ubuntu jammy-backports main restricted universe multiverse #Added by software-properties
# deb-src http://in.archive.ubuntu.com/ubuntu/ jammy-backports main restricted universe multiverse
# This system was installed using small removable media
# (e.g. netinst, live or single CD). The matching "deb cdrom"
# entries were disabled at the end of the installation process.
# For information about how to configure apt package sources,
# see the sources.list(5) manual.
deb http://security.ubuntu.com/ubuntu/ jammy-security multiverse main restricted universe
In Windows Server, there are certain ports that should be kept closed to the outside world to increase security. By closing these ports, you can make your system more protected against external threats. Here are some common ports that should be closed to outsiders and why:
1. Ports that should be kept closed in general
21 (FTP): File Transfer Protocol should be closed to access from the outside world. If necessary, use more secure alternatives such as SFTP or FTPS.
23 (Telnet): Telnet provides unencrypted data transmission. More secure protocols such as SSH (port 22) should be used.
25 (SMTP): Simple Mail Transfer Protocol should be turned off if your server is not a mail server.
110 (POP3): Post Office Protocol v3 should be closed to access from the outside world.
135 (RPC): Remote Procedure Call should be closed to outside access because it is often an attack surface.
137-139 (NetBIOS): NetBIOS should be closed to external access.
143 (IMAP): Internet Message Access Protocol should be closed to outside access.
445 (SMB): Server Message Block should be closed to outside access because it is often an attack surface.
3389 (RDP): Remote Desktop Protocol, should be closed to outside access if possible. Access via VPN is a more secure option.
3306 (MySQL): The MySQL database port should only be open for local network access.
5432 (PostgreSQL): The PostgreSQL database port should only be open for local network access.
8080 (HTTP Proxy): This port is typically used for proxy and alternate HTTP ports. It should be closed to external access.
2. Configure Firewall Settings
You can close these ports by configuring your firewall:
Turn on Advanced Security with Windows Firewall:
Open the "Advanced Security with Windows Firewall" application from the Start menu.
Configure Inbound Rules:
Click "Inbound Rules" in the left panel.
Click "New Rule" in the right panel.
Select the "Port" option and click the "Next" button.
Select "TCP" and "Specific Local Ports", type the ports you want to close separated by commas (for example, 21,23,25,110,135,137-139,143,445,3389,3306,5432,8080).
Select the "Block Connection" option and click "Next".
Select for which profiles (domain, private, public) you want to apply this rule and click "Next".
Give a name for the rule (for example, "Ports Closed to the Outside") and click "Finish".
3. Extra Safety Tips
Review Default Rules: Review other ports that are open by default and close them as needed.
Monitor and Update: Review your firewall settings and open ports regularly and update them if necessary.
VPN Usage: Use a VPN to access remote desktops or other sensitive services. This prevents direct access from the outside world and provides an additional layer of security.
Security Updates: Apply the latest security updates and patches for your Windows Server and all installed software.
By following these steps, you can securely configure ports on your Windows Server that should be closed to the outside world.
