Re: Tips on blocking 'difficult' services..
- From: Ansgar -59cobalt- Wiechers <usenet-2006@xxxxxxxxxxxxxxxx>
- Date: 5 Dec 2006 18:17:40 GMT
arja <aaihetapie@xxxxxxxxx> wrote:
"Sebastian Gottschalk" <seppi@xxxxxxxxx> schreef:
arja wrote:
And more worse, you always forget ports.
And even worse, you can run all of these protocols over any port you
want. Now when will people stop following this "outbound filtering"
nonsense?
Never because it often provides usefull information in case of an
infection.
That is outbound *monitoring*, whereas Sebastian was talking about
outbound *filtering*. It is undisputed that outbound monitoring can give
you pointers in case of an infection, but that has nothing to do with
the fact that outbound *filtering* is not reliable and should thus not
be regarded as a security measure.
cu
59cobalt
--
"Personal Firewalls are crap. Throw away any personal firewall. Personal
Firewalls are bad[tm]."
--Malte von dem Hagen on security-basics
.
- Follow-Ups:
- Re: Tips on blocking 'difficult' services..
- From: arja
- Re: Tips on blocking 'difficult' services..
- References:
- Tips on blocking 'difficult' services..
- From: Geir Holmavatn
- Re: Tips on blocking 'difficult' services..
- From: Me
- Re: Tips on blocking 'difficult' services..
- From: arja
- Re: Tips on blocking 'difficult' services..
- From: arja
- Tips on blocking 'difficult' services..
- Prev by Date: Re: Tips on blocking 'difficult' services..
- Next by Date: Possible to Remote desktop through a Sonicwall TZ-170 without VPN?
- Previous by thread: Re: Tips on blocking 'difficult' services..
- Next by thread: Re: Tips on blocking 'difficult' services..
- Index(es):
Relevant Pages
|
