Firewall Wizards mailing list archives
Re: outbound traffic security risk
From: Devdas Bhagat <devdas () dvb homelinux org>
Date: Tue, 23 Mar 2004 20:15:26 +0530
On 23/03/04 09:04 -0500, Mitchell Rowton wrote:
> Allowing all outbound traffic also increases the likelihood of backdoors into your network. http://www.securitydocs.com/links/detail/803 Plus, most of the scans constantly hitting everyone's network originate from a network that doesn't filter outbound traffic. Of course it would be hard for an ISP to restrict outbound port 80 traffic, but msrpc and sql are examples that could be blocked unless needed for specific hosts.

Ahem! ISPs are /not/ corporate providers. They should NOT be blocking stuff (currently, NetBIOS and a bunch of MS ports exempted, and port 25 outbound, but that's a different beast). I want my ISP to only give me a pure network connection and let me run my own services. Take reactive action against clients who spam, or abuse the Internet, but the whole role of an ISP is to provide access. A corporate network, on the other hand, is a different kettle of fish. ISPs MUST filter out traffic which should not originate from their network, or their downstreams or peers.

> In general, I think that people who don't attempt egress filtering are bad internet citizens who contribute to my bloated IDS logs.

Agreed.

Devdas Bhagat
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
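
The two filters discussed in this message, source-address filtering at the network edge and blocking msrpc/sql outbound except for specific hosts, sketched as an added example (not part of the original post). The prefixes, the exception host and the reading of "sql" as the Microsoft SQL Server ports are assumptions made for illustration.

```python
import ipaddress

# Assumed local address space (documentation prefixes, not from the post).
OWN_PREFIXES = [
    ipaddress.ip_network("192.0.2.0/24"),
    ipaddress.ip_network("198.51.100.0/24"),
]
# Services named in the thread; "sql" is assumed to mean MS SQL Server.
RESTRICTED = {
    ("tcp", 135): "msrpc",
    ("udp", 135): "msrpc",
    ("tcp", 1433): "ms-sql",
    ("udp", 1434): "ms-sql",
}
# Hypothetical host with a documented need to reach an outside SQL server.
EXCEPTIONS = {"ms-sql": {ipaddress.ip_address("192.0.2.10")}}


def egress_decision(src, proto, dport):
    """Return (action, reason) for one outbound flow at the network edge."""
    src_ip = ipaddress.ip_address(src)
    # 1. Traffic that should not originate from this network is dropped first.
    if not any(src_ip in net for net in OWN_PREFIXES):
        return ("drop", "source not in local prefixes")
    # 2. Restricted services pass only for hosts listed as exceptions.
    service = RESTRICTED.get((proto, dport))
    if service is not None:
        if src_ip in EXCEPTIONS.get(service, set()):
            return ("allow", service + " exception host")
        return ("drop", service + " blocked outbound")
    # 3. Everything else is passed: the "pure network connection" model.
    return ("allow", "default")


# Constructed sample flows: (source address, protocol, destination port).
SAMPLE_FLOWS = [
    ("192.0.2.25", "tcp", 80),
    ("192.0.2.25", "tcp", 135),
    ("192.0.2.10", "tcp", 1433),
    ("192.0.2.25", "udp", 1434),
    ("10.1.2.3", "tcp", 80),  # private source address leaking out
]


def audit(flows):
    """Pair each flow with the decision the policy makes for it."""
    return [(flow,) + egress_decision(*flow) for flow in flows]


if __name__ == "__main__":
    for flow, action, reason in audit(SAMPLE_FLOWS):
        print(flow, action, reason)
```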