Firewall Wizards mailing list archives
Re: outbound traffic security risk
From: "Mitchell Rowton" <mrowton () bdo com>
Date: Tue, 23 Mar 2004 09:04:27 -0500
Allowing all outbound traffic also increases the likelihood of backdoors into your network. http://www.securitydocs.com/links/detail/803 Plus, most of the scans constantly hitting everyones network originates from a network that doesn't filter outbound traffic. Of course it would be hard for an ISP to restrict outbound port 80 traffic, but msrpc and sql are examples that could be blocked unless needed for specific hosts. In general, I think that people who don't attempt egress filtering are bad internet citizens who contribute to my bloated IDS logs.
"Hilal Hussein" <hilalma () hotmail com> 03/23/04 03:50AM >>>
Dear List, I would like to ask about the risk of opening outbound port traffics in the firewall. currently, i am opening the outbound ports traffic based on the user request, as pop3, and smtp traffics. I red about some risk that could be in some kind of outbound traffics which might pass java scripts, or trojan horses, or other kind of attacks during the opened session from users (inside the network) to the outbound. so please, i need to know of any risk that could come with some kind of outbound traffics, and if there is a good link for resources about the latest news of vulnerabilities of such outbound traffics. your respond is highly appreciated, with regards, Hilal _________________________________________________________________ STOP MORE SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards NOTICE: The contents of this email and any attachments to it may contain privileged and confidential information from BDO Seidman, LLP. This information is only for the viewing or use of the intended recipient. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution or use of, or the taking of any action in reliance upon, the information contained in this e-mail, or any of the attachments to this e-mail, is strictly prohibited and that this e-mail and all of the attachments to this e-mail, if any, must be immediately returned to BDO Seidman, LLP or destroyed and, in either case, this e-mail and all attachments to this e-mail must be immediately deleted from your computer without making any copies thereof. If you have received this e-mail in error, please notify BDO Seidman, LLP by e-mail immediately. _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- outbound traffic security risk Hilal Hussein (Mar 23)
- Re: outbound traffic security risk Paul D. Robertson (Mar 23)
- Re: outbound traffic security risk Holger Kipp (Mar 23)
- Re: outbound traffic security risk Don Kendrick (Mar 23)
- Re: outbound traffic security risk Don Kendrick (Mar 24)
- <Possible follow-ups>
- Re: outbound traffic security risk Mitchell Rowton (Mar 23)
- Re: outbound traffic security risk Devdas Bhagat (Mar 23)
- Re: outbound traffic security risk Mitchell Rowton (Mar 24)
- Re: outbound traffic security risk Devdas Bhagat (Mar 24)