Security Basics mailing list archives

Re: Any abuses on opening outbound port 43 tcp and udp


From: krymson () gmail com
Date: Mon, 23 Aug 2010 12:42:02 -0600

If your firewall rule says this:

DMZ server ip -> domain registrar server : 43 udp/tcp

Then you're really doing about as much as can realistically be asked. Opening an outbound connection from a specific 
server to a specific server limits your risk.

Doing it that way also allows your firewall rules to pseudo-document what your network needs to run. Something like Any 
-> Any : 43 udp/tcp doesn't tell you much about why that rule is there.

Can someone abuse that from the inside? Only if they can take over a server on the receiving end as well. If the 
firewall rule is DMZ server -> any : 43 udp/tcp, then I could as a rogue admin tunnel whatever I want over 43 to my 
home system. As an attacker, an outbound port scan can find that opening and use it as well. So avoid using "any" on 
either side of the equation, but especially on the destination side.

<- snip ->
I have a host in DMZ. I'm using some script to use whois service to 
fetch domain registration information. Whois service requires port 43 to 
be allowed from my DMZ to outside to reach whois servers.
It creates a hole in the firewall to outside.
So, my question here would be: are there any abuses of opening port 43 from 
inside to outside?

+Raja
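The point of the reply above is that the risk of an outbound port 43 rule depends on whether "any" appears on either side, and that the destination side matters most. As an added example, not part of the original thread, here is a small Python linter for rules written in the thread's own "SRC -> DST : PORT PROTO" shorthand. It flags "any" on the destination as high, "any" on the source as medium, and renders the acceptable rule as iptables OUTPUT-chain commands. The address book, the addresses in it and the sample rule set are constructed for illustration.

```python
# Added example (not from the original thread): audit outbound firewall rules written
# as "SRC -> DST : PORT PROTO[/PROTO]" and flag "any" on either side, most severely on
# the destination side. Names, addresses and sample rules are constructed.
import re
from dataclasses import dataclass

RULE_RE = re.compile(
    r"^\s*(?P<src>.+?)\s*->\s*(?P<dst>.+?)\s*:\s*(?P<port>\d{1,5})\s*(?P<proto>[A-Za-z/]+)\s*$"
)

# Tokens a firewall admin might use to mean "anything".
ANY_TOKENS = {"any", "*", "0.0.0.0/0", "::/0"}

# Constructed name-to-address map standing in for the firewall's object table.
ADDRESS_BOOK = {
    "dmz server ip": "203.0.113.10",
    "domain registrar server": "198.51.100.43",
}


@dataclass(frozen=True)
class Rule:
    src: str
    dst: str
    port: int
    protos: tuple


def parse_rule(line: str) -> Rule:
    """Parse one rule line into a Rule; raise ValueError on malformed input."""
    m = RULE_RE.match(line)
    if not m:
        raise ValueError(f"unrecognised rule syntax: {line!r}")
    port = int(m["port"])
    if not 0 < port < 65536:
        raise ValueError(f"port out of range: {port}")
    protos = tuple(sorted(p.lower() for p in m["proto"].split("/") if p))
    if any(p not in ("tcp", "udp") for p in protos):
        raise ValueError(f"unsupported protocol in {line!r}")
    return Rule(m["src"].strip(), m["dst"].strip(), port, protos)


def is_any(endpoint: str) -> bool:
    return endpoint.strip().lower() in ANY_TOKENS


def assess(rule: Rule) -> tuple:
    """Return (severity, reason). 'any' on the destination is the worst case because
    a compromised or rogue DMZ host could then tunnel to any external system on that port."""
    if is_any(rule.src) and is_any(rule.dst):
        return ("high", "any -> any: documents nothing and lets any host reach any host")
    if is_any(rule.dst):
        return ("high", "destination is any: DMZ host may tunnel to arbitrary external systems")
    if is_any(rule.src):
        return ("medium", "source is any: every internal host may reach the destination")
    return ("ok", "specific source and destination")


def audit(lines) -> list:
    """Audit rule lines; returns [(rule_text, severity, reason), ...] skipping blanks."""
    results = []
    for line in lines:
        if not line.strip():
            continue
        severity, reason = assess(parse_rule(line))
        results.append((line.strip(), severity, reason))
    return results


def to_iptables(rule: Rule, address_book=ADDRESS_BOOK) -> list:
    """Render a specific rule as iptables OUTPUT-chain commands, one per protocol.
    Refuses rules with 'any' on either side so the linter's verdict cannot be bypassed."""
    if is_any(rule.src) or is_any(rule.dst):
        raise ValueError("refusing to render a rule with 'any' on either side")
    src = address_book.get(rule.src.lower(), rule.src)
    dst = address_book.get(rule.dst.lower(), rule.dst)
    return [
        f"iptables -A OUTPUT -s {src} -d {dst} -p {proto} --dport {rule.port} -j ACCEPT"
        for proto in rule.protos
    ]


# Constructed sample rule set: the recommended rule plus the two shapes the reply warns against.
SAMPLE_RULES = [
    "DMZ server ip -> domain registrar server : 43 udp/tcp",
    "DMZ server ip -> any : 43 udp/tcp",
    "any -> any : 43 udp/tcp",
]

if __name__ == "__main__":
    for text, severity, reason in audit(SAMPLE_RULES):
        print(f"[{severity:>6}] {text}  ({reason})")
    for cmd in to_iptables(parse_rule(SAMPLE_RULES[0])):
        print(cmd)
```

Running the script prints one verdict per sample rule and then the two iptables commands for the specific DMZ-to-registrar rule. Pointing `audit()` at an exported rule list is a cheap way to find the "any" destinations the reply advises against before they become a tunnel.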

