Security Basics mailing list archives

RE: Unrestricted Outbound Web Server Access Opinion

From: "Andrew Shore" <andrew.shore () holistecs com>
Date: Wed, 4 May 2005 08:18:45 +0100

You need to ask the question WHY!

I agree with what you are saying, allowing any device full access to the
internet is a mistake.

Just say NO :)

Just my 2 cents

Andy

-----Original Message-----
From: Paul Guibord [mailto:pguibord () tngtech net] 
Sent: 03 May 2005 13:55
To: security-basics () securityfocus com
Subject: Unrestricted Outbound Web Server Access Opinion


Hello All,

Someone within our company wants our Internet facing web servers to have
unrestricted outbound access. Port 80 is the only port permitted from
the outside coming in. I need the experts opinion why we do not want to
permit this PLEASE. Two things I could think of are if the web servers
were compromised, then the hacker would have the ability offload any
data they want. Another being if they were infected with a worm they
would bring down the Internet T1 in their attempt to find other devices
to infect.

Thanks in advance for everyone's input.

Paul

Current thread:

Unrestricted Outbound Web Server Access Opinion Paul Guibord (May 03)
- Re: Unrestricted Outbound Web Server Access Opinion Jon Hart (May 04)
  - RE: Unrestricted Outbound Web Server Access Opinion David Gillett (May 05)
  - Re: Unrestricted Outbound Web Server Access Opinion David Glosser (May 05)
- RE: Unrestricted Outbound Web Server Access Opinion Hamish Stanaway (May 05)
- RE: Unrestricted Outbound Web Server Access Opinion Micro Kluge (May 05)
- Re: Unrestricted Outbound Web Server Access Opinion Diego Kellner (May 05)
- Re: Unrestricted Outbound Web Server Access Opinion Mark Leonard (May 05)
- RE: Unrestricted Outbound Web Server Access Opinion Keenan Smith (May 10)
  - Re: Unrestricted Outbound Web Server Access Opinion Chris Keladis (May 11)
- <Possible follow-ups>
- RE: Unrestricted Outbound Web Server Access Opinion Andrew Shore (May 05)