Re: [fw-wiz] trusted & untrusted ports

From: Hilal Hussein (hilalma_at_hotmail.com)
Date: 11/10/03

    To: hydra291@hotmail.com, firewall-wizards@honor.icsalabs.com
    Date: Mon, 10 Nov 2003 07:43:25 +0000
    
    

    Hello List,

    Let me clarify some points in my previous email. YES it is the application
    which opens a socket to allow connections on certain ports.
    So my questions here are:

    Q1 - How to identify trusted vs untrusted ports. As sometimes, users working
    within our network will ask to open certain ports in the firewall in order
    to allow communication to a certain application outside the corporate
    network. From a security perspective, based on what evaluation should I accept
    or reject opening the requested port(s)? Maybe it will be known to be used by
    hackers, or viruses, as a threat.

    Q2 - Reading some technical documents about accessing applications over the
    net, I noticed that sometimes the connection is not a client/server
    technique, it could be through the http port, in other words, no need to
    open a specific port in order to be able to access the net application from
    within our corporate network since it is using the http port.

    Hopefully now my points are clearer,

    with regards,

    Hilal
