FieldNote: Scanned firewall, found TCP ports open: 25, 80, 443

One time, I had a phone call from the ISP for the company I was working at and they said they did a firewall scan without notifying us. Ok, thanks for that, but next time, be honest and let us know when you are going to perform a penetration test and we’ll be happy to work with them.

They told me that the firewall was extraordinarily strong and only allowed three ports access to two specific IP addresses using the follow TCP ports: 25, 80, and 443. They mentioned it would be wise to consider closing those ports to not allow access for a more secure environment. I then thought, if I block the Exchange server from using TCP’s 25, 80/443, then no need for mail flow nor OWA. And the TCP 80/443 ports on the web server, wouldn’t need to host up any web pages for the customers. Thus, no need to pay the ISP for any bandwidth usage and save money and they would lose out on our money. Sigh…thanks for the information.