Re: Deny local socket/port binding on server.

From: Michel Bardiaux (mbardiaux@peaktime.be)
Date: 03/25/03

Next message: 2Host.com - Robert: "Re: Big Website Hack Documented"

Previous message: Richard L. Hamilton: "Re: NFS and what UDP ports it uses"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 25 Mar 2003 14:09:00 +0100
From: Michel Bardiaux <mbardiaux@peaktime.be>

Tim Haynes wrote:
[snip]

>
>
> I think you'll find that more than a little short-sighted. If you know
> anything about firewalling you'll know that egress filtering is vital, if
> only to prevent internal cracked machines from harming the rest of the
> world. Adding the integrity of your box is another logical extension of
> this idea.
>

Yes! There are so many IRC *clients* out there that once installed, will
setup input tunnels through your firewalls.

-- 
Michel Bardiaux
Peaktime Belgium S.A.  Bd. du Souverain, 191  B-1160 Bruxelles
Tel : +32 2 790.29.41

Next message: 2Host.com - Robert: "Re: Big Website Hack Documented"

Previous message: Richard L. Hamilton: "Re: NFS and what UDP ports it uses"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Deny local socket/port binding on server.
... Tim Haynes wrote: ... > anything about firewalling you'll know that egress filtering is vital, ...
(comp.os.linux.security)
Re: Firewall and NAT
... >> Meant to be less strict on standards compliance ... [SNIP] ... > Hence the advice of firewalling it off from external ...
(Fedora)
Re: Interface Aliasing
... > Given that OP has had it working from another machine, I suspect a firewall. ... Following up to self, I'm clearly not awake yet, and didn't notice having ... I'll still leave the firewalling bit to someone else. ...
(comp.unix.bsd.freebsd.misc)