RE: How secure is to open ports from inside the firewall?
- From: "Murda Mcloud" <murdamcloud@xxxxxxxxxxx>
- Date: Thu, 15 Mar 2007 09:51:53 +1000
Hi,
Simple rule, the more ports you open, the less 'safe' it is.
You're right about certain things (malware,attackers,internal staff) using
open ports to go out on and then creating connections back in. P2P stuff is
a good example of this.
P2P client on the LAN connects out and brings in lameware etc.
I'm sure others can give more examples but that's the general idea.
Question is-do you want to control it and what is the acceptable level of
risk? What if you don't care what comes or goes? If you do, then you'll want
to tighten.
Check this out:
http://www.faqs.org/rfcs/rfc3093.html
-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx] On
Behalf Of Iosif Gasparakis
Sent: Wednesday, March 14, 2007 8:31 PM
To: security-basics@xxxxxxxxxxxxxxxxx
Subject: How secure is to open ports from inside the firewall?
Hello list.
One silly question: How secure is to open ports from inside the firewall?
Ok, closing incoming ports is the purpose of a firewall. But what about the
outgoing? Could this make someone's life who already broke into the network
easier? Or is it already too late, and that someone if already in can use
just any open port to send traffic out?
Please let me know your views.
Joseph
___________________________________________________________
The all-new Yahoo! Mail goes wherever you go - free your email address from
your Internet provider. http://uk.docs.yahoo.com/nowyoucan.html
- References:
- How secure is to open ports from inside the firewall?
- From: Iosif Gasparakis
- How secure is to open ports from inside the firewall?
- Prev by Date: Re: Invisible dilemma - ARP flush
- Next by Date: infosec training
- Previous by thread: Re: How secure is to open ports from inside the firewall?
- Next by thread: Re: How secure is to open ports from inside the firewall?
- Index(es):
Relevant Pages
|
