RE: [fw-wiz] RE: In defense of non standard ports

On Tuesday, January 24, 2006 10:57 AM, Marcus J. Ranum so spake:

>Most organizations have already given up control over outgoing
>traffic. What they don't realize is that, by extension, they have
>also given up control over incoming traffic.

And, to me, are seeming to make it more difficult for those who haven't
to maintain control.

Overheard at the water cooler: "Well, company X allows this traffic, why
don't we? They are much larger than us and probably understand security
*much* better than we do. Since they think it's safe, shouldn't we think
it's safe, too?" I'm still looking for wording used to combat the
cluelessness of such mindset in both our own companies, as well as
companies that are creating situations that make us run web traffic on
non-web ports.

firewall-wizards mailing list