Security Basics mailing list archives
Re: Any abuses on opening outbound port 43 tcp and udp
From: krymson () gmail com
Date: Mon, 23 Aug 2010 12:42:02 -0600
If your firewall rule says this:

DMZ server ip -> domain registrar server : 43 udp/tcp

Then you're really doing about as much as can realistically be asked. Opening an outbound connection from a specific server to a specific server limits your risk. Doing it that way also allows your firewall rules to pseudo-document what your network needs to run. Something like

Any -> Any : 43 udp/tcp

doesn't tell you much about why that rule is there.

Can someone abuse that from the inside? Only if they can take over a server on the receiving end as well. If the firewall rule is

DMZ server -> any : 43 udp/tcp

then I could, as a rogue admin, tunnel whatever I want over 43 to my home system. As an attacker, an outbound port scan can find that opening and use it as well.

So avoid using "any" on either side of the equation, but especially on the destination side.

<- snip ->

I have a host in DMZ. I'm using some script to use whois service to fetch domain registration information. Whois service requires port 43 to be allowed from my DMZ to outside to reach whois servers. It creates a hole in the firewall to outside.

So, my question would here be like, any abuses of opening port 43 from inside to outside?

+Raja
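
The distinction drawn in the message above, as an added example that is not part of the original post: a small Python audit that reads rules written in the post's `source -> destination : port proto` notation and flags `any` on either side, rating a wildcard destination as the more serious case. The function names, severity labels and sample addresses are assumptions made for illustration.

```python
import re
from typing import NamedTuple

# Rule notation used in the post: "SRC -> DST : PORT PROTO[/PROTO]"
RULE_RE = re.compile(
    r"^\s*(?P<src>.+?)\s*->\s*(?P<dst>.+?)\s*:\s*(?P<port>\d+)\s+(?P<protos>[a-z/]+)\s*$",
    re.IGNORECASE,
)
WILDCARDS = {"any", "all", "0.0.0.0/0", "::/0"}  # spellings treated as "any" (assumption)
SEVERITY_ORDER = {"high": 0, "medium": 1, "ok": 2}


class Finding(NamedTuple):
    rule: str
    severity: str
    reason: str


def is_any(endpoint: str) -> bool:
    return endpoint.strip().lower() in WILDCARDS


def audit_rule(line: str) -> Finding:
    """Classify one outbound rule by how specific its two endpoints are."""
    m = RULE_RE.match(line)
    if m is None:
        raise ValueError(f"unrecognised rule: {line!r}")
    src_any, dst_any = is_any(m["src"]), is_any(m["dst"])
    port = m["port"]
    if src_any and dst_any:
        return Finding(line, "high", f"any host may reach any destination on port {port}; rule documents nothing")
    if dst_any:  # the case the post singles out as worst
        return Finding(line, "high", f"port {port} is open to arbitrary destinations, so it can carry a tunnel")
    if src_any:
        return Finding(line, "medium", f"every internal host may use the port {port} opening")
    return Finding(line, "ok", "specific source and specific destination")


def audit(rules):
    """Return one finding per rule, worst first."""
    return sorted((audit_rule(r) for r in rules), key=lambda f: SEVERITY_ORDER[f.severity])


# Constructed sample rule set; addresses are RFC 5737 documentation ranges.
SAMPLE_RULES = [
    "192.0.2.10 -> 198.51.100.43 : 43 tcp",
    "192.0.2.10 -> any : 43 udp/tcp",
    "Any -> Any : 43 udp/tcp",
    "any -> 198.51.100.43 : 43 tcp",
]

if __name__ == "__main__":
    for f in audit(SAMPLE_RULES):
        print(f"{f.severity.upper():6} {f.rule}  ({f.reason})")
```
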
Current thread:
- Any abuses on opening outbound port 43 tcp and udp Raja (Aug 12)
- Re: Any abuses on opening outbound port 43 tcp and udp John Morrison (Aug 12)
- Re: Any abuses on opening outbound port 43 tcp and udp Nikhil Wagholikar (Aug 13)
- Message not available
- Re: Any abuses on opening outbound port 43 tcp and udp Raja (Aug 13)
- Re: Any abuses on opening outbound port 43 tcp and udp Jeffrey Singleton (Aug 13)
- Re: Any abuses on opening outbound port 43 tcp and udp Raja (Aug 13)
- <Possible follow-ups>
- Re: Any abuses on opening outbound port 43 tcp and udp krymson (Aug 23)