RE: [fw-wiz] Benefit of firewall over NAT-only 'protected' networ k

From: Noonan, Wesley (Wesley_Noonan_at_bmc.com)
Date: 05/28/03

  • Next message: Mikael Olsson: "Re: [fw-wiz] traffic analysis" 
    To: "'ark@eltex.net'" <ark@eltex.net>, Paul Robertson <proberts@patriot.net>
Date: Wed, 28 May 2003 14:10:09 -0500

    > What's wrong with irc? It is a good communication tool.

    Got a business use for it? Until then, it doesn't matter how good it is, it
    doesn't go through the firewall...

    > Even "out of the box" irc is not more insecure than widely-used ICQ.
    > I even encourage users to use corporate IRC server as generic
    > messaging tool. It is far better than using ICQ (with mirabilis servers
    > usually!) as _really many_ companies that have no own IM system do.

    Not an either/or situation in my mind. I don't care if irc is better or
    worse than anything else. If I can't come up with a need for it, and I
    personally can't, then it should be stopped at the firewall IMO.

    NAT presents a false sense of security, and that alone makes it a bad
    security choice.

    Wes Noonan, MCSE/CCNA/CCDA/NNCSS/Security+
    Senior QA Rep.
    BMC Software, Inc.
    (713) 918-2412
    wnoonan@bmc.com
    http://www.bmc.com

    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

  • Next message: Mikael Olsson: "Re: [fw-wiz] traffic analysis"

    Relevant Pages

    • Re: [fw-wiz] Benefit of firewall over NAT-only protected network
      ... It is a good communication tool. ... It is reasonable to deny DCC file transfers, though, and there should ... clients per platform that to be allowed in your office, ... Even "out of the box" irc is not more insecure than widely-used ICQ. ...
      (Firewall-Wizards)
    • Re: [Full-Disclosure] Why is IRC still around?
      ... IRC is a great communication tool that has grown and evolved over the ... There will always be a medium for "questionable activities" ... and illegal acts to propagate regardless of what communication link ... > 4) That many organized DoS attacks through PC zombies are initiated through IRC? ...
      (Full-Disclosure)
    • Re: [fw-wiz] Benefit of firewall over NAT-only protected network
      ... It is a good communication tool. ... offices don't have *any business reason* to do IRC, ... It is far better than using ICQ (with mirabilis servers ... and the small number of people who have a business case to use it from ...
      (Firewall-Wizards)
    • Re: [fw-wiz] stopping bots from phoning home
      ... well it works fine on my dsl connection! ... the majority of support calls that we receive are from the very ... > with the newer IM clients that do IRC. ... that having a firewall on the box that can see which program is trying to ...
      (Firewall-Wizards)
    • sending out spam through IRC server ?
      ... IRC connections ... firewall is not allowing incoming SMTP connections ... sending spam. ... was the first thing I did after receiving first complain. ...
      (Incidents)