Re: Browser Vulns

From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (sbradcpa_at_pacbell.net)
Date: 07/23/04

    Date: Thu, 22 Jul 2004 18:56:12 -0700
    To: larobins@bellatlantic.net
    
    

    Not all firewalls are alike and not all do "outbound" egress filtering.
    .... 'course one could argue it shouldn't be called a firewall... but
    nevertheless not all are packet inspecting firewalls.

    Granted I think we can assume that one is talking about a true "business
    class" firewall and not the Fry's specials, but even in SBSland we get
    requests for blocking external webemail, and the notorious IM which,
    given that person is an authenticated user, the connection would go out
    the firewall just fine.

    Susan

    Laura A. Robinson wrote:

    >>...
    >>
    >>>>>If you can, block by default and allow what you want.
    >>
    >>How? This sounds like a great plan but...
    >
    >It is standard for nearly any firewall. Block all, open what you need
    >opened.
    >
    >>>>>That goes for outbound ports as well; if you have a DNS server and
    >>>>>you know it only needs to connect/send to dest port 53, why not ban
    >>>>>it from connecting to any other ports?
    >>
    >>How can this be done?
    >
    >With a firewall.
    >
    >(I'm guessing y'all don't have a firewall?)
    >
    >Laura

    -- 
    http://www.sbslinks.com/really.htm
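
Added example, not part of the original messages: a small Python model of the "block all, open what you need" egress policy discussed in this thread, with the DNS server limited to destination port 53. The addresses, rule names and sample flows are constructed assumptions; the last two flows show the limit raised in the reply, where a port-based allow rule still passes webmail carried over a permitted port.

```python
# Added example: first-match, default-deny egress policy over constructed flows.
# All hosts, networks and rule names are hypothetical (RFC 1918 / RFC 5737).
from collections import namedtuple
from ipaddress import ip_address, ip_network

# dports: allowed destination ports; an empty set means "any port"
Rule = namedtuple("Rule", "name src proto dports action")
Flow = namedtuple("Flow", "src dst proto dport")

DNS_SERVER = "10.0.0.53/32"   # hypothetical internal DNS server
LAN = "10.0.0.0/24"           # hypothetical user LAN (contains the DNS server)

EGRESS_POLICY = [
    Rule("dns-server-udp", DNS_SERVER, "udp", {53}, "allow"),
    Rule("dns-server-tcp", DNS_SERVER, "tcp", {53}, "allow"),
    # Explicit deny so the DNS server never falls through to the LAN rule.
    Rule("dns-server-rest", DNS_SERVER, "any", set(), "deny"),
    Rule("lan-web", LAN, "tcp", {80, 443}, "allow"),
]

def evaluate(flow, policy=EGRESS_POLICY):
    """Return (action, rule name); the first matching rule wins."""
    for rule in policy:
        if ip_address(flow.src) not in ip_network(rule.src):
            continue
        if rule.proto != "any" and rule.proto != flow.proto:
            continue
        if rule.dports and flow.dport not in rule.dports:
            continue
        return rule.action, rule.name
    return "deny", "default-deny"   # nothing matched: block by default

SAMPLE_FLOWS = {  # constructed flows, not captured traffic
    "dns query": Flow("10.0.0.53", "198.51.100.1", "udp", 53),
    "dns server to web": Flow("10.0.0.53", "203.0.113.9", "tcp", 80),
    # A port filter cannot tell webmail from any other HTTPS site.
    "user to webmail over https": Flow("10.0.0.20", "203.0.113.25", "tcp", 443),
    "user to non-web port": Flow("10.0.0.20", "203.0.113.30", "tcp", 5190),
}

def verdicts():
    """Evaluate every sample flow against the policy."""
    return {label: evaluate(flow) for label, flow in SAMPLE_FLOWS.items()}

if __name__ == "__main__":
    for label, (action, rule) in verdicts().items():
        print(f"{label:28} {action:5} ({rule})")
```

Blocking the webmail flow would need a rule keyed on destination or content, which is the packet-inspection distinction the reply draws.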