Security Basics mailing list archives

RE: Open All Outbound Ports?


From: "Mark Merchant" <mmerchant () dispatch com>
Date: Wed, 20 Nov 2002 13:33:25 -0500


Their reason was a lot of the sites that were visited used Passive
FTP, that randomly uses any port above port 1024.

Why not just restrict the ip ranges to a few hundred (thousand) ports?
This is explained in the active vs passive ftp site,
http://slacksite.com/other/ftp.html under the topic ftp appendix.

I'll have to go back and read the original post, but I think you have it
backwards. Clients at their location are making PASV connects
to servers located elsewhere. Thus you get outbound connections
on high-numbered ports.

Talking FTP is always a little weird as there are always:
        2 computers X 2 ports X 2 firewalls
to deal with, whew!
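To make the "2 computers X 2 ports X 2 firewalls" point concrete, here is an added worked example (it is not part of the original thread or anyone's posted code). It parses the RFC 959 "227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)" reply, builds the active-mode PORT command for contrast, lists the two TCP connections each mode needs, and models a client-side outbound-only firewall to show which policy breaks passive FTP. All IP addresses, ports and the sample reply text are constructed values.

```python
"""Added example: FTP active vs. passive data connections as seen by a
client-side firewall. All hosts, ports and reply strings are constructed."""
import re
from dataclasses import dataclass
from typing import List, Optional, Set

# RFC 959 reply to PASV: "227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)".
# Servers vary the wording before the parentheses, so only the tuple is matched.
PASV_RE = re.compile(
    r"^227\b.*?\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)"
)


def parse_pasv_reply(reply: str):
    """Return (host, port) that the server tells the client to connect to.
    The port is p1*256 + p2, which is why PASV data ports land above 1023."""
    m = PASV_RE.match(reply.strip())
    if not m:
        raise ValueError(f"not a 227 PASV reply: {reply!r}")
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError(f"octet out of range in {reply!r}")
    host = ".".join(str(n) for n in nums[:4])
    port = nums[4] * 256 + nums[5]
    return host, port


def port_command(host: str, port: int) -> str:
    """Build the active-mode PORT command the client sends (RFC 959 4.1.2),
    telling the server where to connect back to."""
    if not 0 < port < 65536:
        raise ValueError("port out of range")
    octets = host.split(".")
    if len(octets) != 4 or not all(o.isdigit() and int(o) < 256 for o in octets):
        raise ValueError("IPv4 dotted quad expected")
    return "PORT " + ",".join(octets + [str(port // 256), str(port % 256)])


@dataclass(frozen=True)
class Flow:
    initiator: str  # "client" or "server": the side that sends the SYN
    src: str
    src_port: int
    dst: str
    dst_port: int


def ftp_flows(mode: str, client_ip: str, server_ip: str,
              client_data_port: Optional[int] = None,
              pasv_reply: Optional[str] = None) -> List[Flow]:
    """List the two TCP connections one FTP transfer needs.
    active:  client sends PORT; server connects from port 20 to the client's port.
    passive: client sends PASV, parses the 227 reply, connects out to that port.
    Ephemeral client source ports (50000/50001) are constructed placeholders."""
    flows = [Flow("client", client_ip, 50000, server_ip, 21)]  # control channel
    if mode == "active":
        if client_data_port is None:
            raise ValueError("active mode needs the client's listening data port")
        flows.append(Flow("server", server_ip, 20, client_ip, client_data_port))
    elif mode == "passive":
        if pasv_reply is None:
            raise ValueError("passive mode needs the server's 227 reply")
        host, port = parse_pasv_reply(pasv_reply)
        flows.append(Flow("client", client_ip, 50001, host, port))
    else:
        raise ValueError(f"unknown mode {mode!r}")
    return flows


def client_firewall_permits(flow: Flow, allowed_dst_ports: Set[int]) -> bool:
    """Model a stateful firewall at the client site: unsolicited inbound SYNs
    are dropped; outbound SYNs pass only to destination ports on the allow list."""
    if flow.initiator != "client":
        return False
    return flow.dst_port in allowed_dst_ports


if __name__ == "__main__":
    reply = "227 Entering Passive Mode (192,168,1,10,19,137)"  # constructed
    strict = {21, 80, 443}                       # well-known ports only
    wide = {21} | set(range(1024, 65536))        # plus all high ports
    for mode, kwargs in (("passive", {"pasv_reply": reply}),
                         ("active", {"client_data_port": 5002})):
        for flow in ftp_flows(mode, "10.0.0.5", "192.168.1.10", **kwargs):
            print(mode, flow.initiator, "->", flow.dst, flow.dst_port,
                  "strict:", client_firewall_permits(flow, strict),
                  "wide:", client_firewall_permits(flow, wide))
```

Running it shows the asymmetry the post describes: in passive mode both connections are outbound from the client, so a policy limited to well-known ports blocks the data channel while one that also opens destination ports 1024-65535 lets it through; in active mode the data channel is an inbound connection from the server's port 20, which the client-side firewall drops under either policy.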

