Firewall Wizards mailing list archives

Re: Permissive Firewall Policy

From: "J. Oquendo" <sil () infiltrated net>
Date: Mon, 25 Sep 2006 14:57:05 -0400

Anton Chuvakin wrote:

Any port between 1 and 65000 are known to be bad at least some of the time.

Holy cow! Is this for real? Somebody still asking a question like that?

It feels like a bit that would be posted to celebrate this list's 10th
anniversary or something :-)

But! I think for the outbound access the question borders on making
[some] sense. Yes, the general "block all that are not needed based on
the policy" is still there, but I almost feel that it makes sense to
spell out some of the *especially* ugly ports to watch, kind of like
telnet for inbound 10 years ago ... Or maybe not :-)

Best,

You've officially made me feel old. 10 years... 10 years of Mr. Ranum!? 
(kidding MR)

-- 
====================================================
J. Oquendo
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x1383A743
sil . infiltrated @ net http://www.infiltrated.net 

The happiness of society is the end of government.
John Adams

_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Permissive Firewall Policy Kevin Hinze (Sep 22)
- Re: Permissive Firewall Policy Marcus J. Ranum (Sep 23)
  - Re: Permissive Firewall Policy ArkanoiD (Sep 23)
  - Re: Permissive Firewall Policy Scott C. Kennedy (Sep 23)
  - Re: Permissive Firewall Policy Anton Chuvakin (Sep 25)
    - Re: Permissive Firewall Policy J. Oquendo (Sep 25)
- Re: Permissive Firewall Policy Kevin (Sep 23)
- Re: Permissive Firewall Policy Devdas Bhagat (Sep 23)
- Re: Permissive Firewall Policy Tim Shea (Sep 23)
- <Possible follow-ups>
- Re: Permissive Firewall Policy Fetch, Brandon (Sep 23)