Changes in the CERN Firewall Openings

From 13 March, the configuration of CERN’s outer perimeter firewall will change. Existing firewall openings for incoming traffic will not be affected.

At the last ITSRM meeting, the LHC experiments and departments agreed to change the configuration of CERN’s outer perimeter firewall so that outgoing traffic from source ports 1-1023/tcp and 1-1023/udp will be blocked by default. Exceptions for NTP might be kept. These measures will be applied from 13 March. Existing firewall openings for incoming traffic will not be affected.

Correct use of the TCP and UDP protocols already keeps clients from drawing a source port from this lower range when opening a connection. Outgoing traffic from these ports is remarkably low: only misconfigured or “malicious” devices have been observed using them. With this closure, such traffic will be stopped at CERN’s perimeter instead of leaking onto the Internet.
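As an added illustration, not part of the CERN announcement: a small Python model of the new egress rule, run over constructed flow records, that also lists the internal hosts whose traffic would be dropped. It assumes a placeholder internal prefix, a stateful exception for replies inside connections the existing incoming openings already admitted (which is how incoming openings stay unaffected), and an NTP exception on udp/123 in both directions.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Placeholders for the example, not CERN's real address space or rules.
INTERNAL = ip_network("192.0.2.0/24")
NTP_PORT = 123

@dataclass(frozen=True)
class Flow:
    proto: str        # "tcp" or "udp"
    src: str
    sport: int
    dst: str
    dport: int
    established: bool = False  # reply inside a connection the inbound openings already admitted

def verdict(f: Flow) -> str:
    """'accept' or 'drop' for a flow seen at the outer perimeter."""
    outbound = ip_address(f.src) in INTERNAL and ip_address(f.dst) not in INTERNAL
    if not outbound:
        return "accept"   # inbound traffic stays governed by the existing openings
    if f.established:
        return "accept"   # replies to permitted inbound connections are unaffected
    if f.proto == "udp" and f.sport == NTP_PORT and f.dport == NTP_PORT:
        return "accept"   # the NTP exception the announcement says may be kept
    if f.proto in ("tcp", "udp") and 1 <= f.sport <= 1023:
        return "drop"     # new default: no outgoing traffic from source ports 1-1023
    return "accept"

def parse_flow(line: str) -> Flow:
    """Parse a constructed flow record: 'proto src:sport dst:dport [established]'."""
    proto, src, dst, *flags = line.split()
    s_ip, s_port = src.rsplit(":", 1)
    d_ip, d_port = dst.rsplit(":", 1)
    return Flow(proto, s_ip, int(s_port), d_ip, int(d_port), "established" in flags)

def offenders(lines):
    """Internal hosts whose traffic the new rule would drop: the misconfigured devices to chase."""
    return sorted({parse_flow(l).src for l in lines if verdict(parse_flow(l)) == "drop"})

SAMPLE_LOG = [  # constructed sample records, not CERN data
    "tcp 192.0.2.10:52311 198.51.100.5:443",             # normal client, ephemeral source port
    "udp 192.0.2.20:123 198.51.100.7:123",               # NTP, kept by the exception
    "tcp 192.0.2.30:80 198.51.100.9:40001 established",  # web server replying to an outside client
    "udp 192.0.2.40:137 198.51.100.9:137",               # NetBIOS chatter leaking out: dropped
    "tcp 192.0.2.50:22 198.51.100.11:2222",              # new connection from a privileged port: dropped
    "tcp 198.51.100.11:60000 192.0.2.30:80",             # inbound, outside the scope of this rule
]
```

Running `offenders(SAMPLE_LOG)` over such records before the change goes live gives the list of internal devices to check and reconfigure in advance.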

For comments and further information, please contact Computer.Security@cern.ch.