Security Basics mailing list archives
RE: Open All Outbound Ports?
From: "Mark Merchant" <mmerchant () dispatch com>
Date: Wed, 20 Nov 2002 13:33:25 -0500
Their reason was a lot of the sites that were visited used Passive FTP, that randomly uses any port above port 1024. Why not just restrict the IP ranges to a few hundred (thousand) ports? This is explained in the active vs passive FTP site, http://slacksite.com/other/ftp.html under the topic FTP appendix.
I'll have to go back and read the original post, but I think you have it backwards. Clients at their location are making PASV connects to servers located elsewhere. Thus you get outbound connections on high-numbered ports. Talking FTP is always a little weird, as there are always 2 computers X 2 ports X 2 firewalls to deal with, whew!
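The outbound high-port behaviour described above, as an added example that is not part of the original post: it parses the server's passive-mode reply (227 per RFC 959, 229 per RFC 2428) and derives the single outbound rule an FTP-aware firewall could open instead of allowing every port above 1024. The function names, the rule format, the same-address check and the addresses (documentation ranges) are assumptions made for illustration.

```python
import ipaddress
import re

# RFC 959 reply: 227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)
PASV_RE = re.compile(r"^227 .*?" + ",".join([r"(\d{1,3})"] * 6))
# RFC 2428 reply: 229 Entering Extended Passive Mode (|||port|)
EPSV_RE = re.compile(r"^229 .*?\((.)\1\1(\d{1,5})\1\)")


def data_endpoint(reply, control_server_ip):
    """Return the (ip, port) the client will dial for the data channel."""
    m = PASV_RE.match(reply)
    if m:
        fields = [int(x) for x in m.groups()]
        if any(f > 255 for f in fields):
            raise ValueError("field out of range in 227 reply")
        ip = ".".join(str(f) for f in fields[:4])
        port = fields[4] * 256 + fields[5]  # port = p1 * 256 + p2
    else:
        m = EPSV_RE.match(reply)
        if not m:
            raise ValueError("not a 227/229 reply")
        # EPSV carries only a port; the data channel reuses the control address.
        ip, port = control_server_ip, int(m.group(2))
    if not 1 <= port <= 65535:
        raise ValueError("port out of range")
    return str(ipaddress.ip_address(ip)), port


def pinhole(client_ip, control_server_ip, reply):
    """Build one outbound allow rule for this data connection, or None."""
    ip, port = data_endpoint(reply, control_server_ip)
    if ip != control_server_ip:
        # Assumed policy: only open toward the server on the control channel.
        return None
    if port < 1024:
        # Assumed policy: passive data ports are expected above 1024.
        return None
    return {"proto": "tcp", "src": client_ip, "dst": ip, "dport": port}


if __name__ == "__main__":
    # Constructed sample reply, not taken from the thread.
    print(pinhole("10.1.1.5", "192.0.2.10",
                  "227 Entering Passive Mode (192,0,2,10,195,80)"))
```

A server behind NAT may legitimately advertise a different address in its 227 reply, so the same-address check is a policy choice rather than a protocol requirement.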