Security Basics mailing list archives
AW: Open All Outbound Ports?
From: "Robert Sieber" <rsieber () web de>
Date: Wed, 13 Nov 2002 17:56:19 +0100
From my point of view there will be a big lack of security if you open all
outbound ports. Every application would have full access to the internet - do you really want it? More then 50% of all security risks are base insinde your network. So it is very important to have an strict policy for outbound applications! You should review all requests very carfully! Verify if there is a real need to open this ports - all open ports could be used by other "unfriendly" programs! Robert -- http://board.protecus.de - Firewalls, Security and more ... -----Ursprungliche Nachricht----- Von: security-basics-return-15832-rsieber=web.de () securityfocus com [mailto:security-basics-return-15832-rsieber=web.de () securityfocus com]Im Auftrag von tony tony Gesendet: Freitag, 8. November 2002 02:34 An: security-basics () securityfocus com Betreff: Open All Outbound Ports? Hi, Our firewall group has came to me several times over the last few months wanting my approval to open all of the OUTBOUND ports on our firewall facing the internet. Their argument is that this would not significantly reduce our security and it will reduce their time/effort in administration. They claim they get several requests a week to open up out bound ports and the number keeps growing each month. They want to go for the gustoand open up all 65,000+ outbound ports. I am in the security area and they want my agreement/sign off before they do this. It just does not feel/smell right but I am losing ground with my arguments. What are some good arguments I can use? Tony __________________________________________________ Do you Yahoo!? U2 on LAUNCH - Exclusive greatest hits videos http://launch.yahoo.com/u2
Current thread:
- Open All Outbound Ports? tony tony (Nov 08)
- RE: Open All Outbound Ports? Bill Lavalette (Nov 09)
- Re: Open All Outbound Ports? Meritt James (Nov 12)
- Re: Open All Outbound Ports? Sumit Dhar (Nov 13)
- Re: Open All Outbound Ports? Meritt James (Nov 12)
- Re: Open All Outbound Ports? Jens Rantil (Nov 09)
- Re: Open All Outbound Ports? Vince Hillier (Nov 11)
- RE: Open All Outbound Ports? Clint Harris (Nov 12)
- AW: Open All Outbound Ports? Robert Sieber (Nov 13)
- <Possible follow-ups>
- RE: Open All Outbound Ports? Garbrecht, Frederick (Nov 11)
- RE: Open All Outbound Ports? Naveed Ahmed (Nov 12)
- Re: Open All Outbound Ports? m2dzus (Nov 11)
- Re: Open All Outbound Ports? James Butcher (Nov 12)
- Re: Open All Outbound Ports? mitch_latham (Nov 11)
- Re: Open All Outbound Ports? Chris Berry (Nov 12)
- RE: Open All Outbound Ports? Chris Alliey (Nov 15)
- RE: Open All Outbound Ports? Mark Merchant (Nov 18)
- RE: Open All Outbound Ports? G. Class (Nov 21)
- Message not available
- RE: Open All Outbound Ports? Mark Merchant (Nov 22)
- RE: Open All Outbound Ports? Chris Alliey (Nov 15)
- RE: Open All Outbound Ports? Bill Lavalette (Nov 09)