Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Unrestricted Outbound Web Server Access Opinion

From: "Keenan Smith" <kc_smith () clark net>
Date: Tue, 10 May 2005 11:55:36 -0400
Wouldn't unrestricted outbound access allow a compromised server to be
used to launch all sorts of attacks against others?

At the very least, that could result in substantial negative PR 

Keenan

-----Original Message-----
From: Paul Guibord [mailto:pguibord () tngtech net] 
Sent: Tuesday, May 03, 2005 8:55 AM
To: security-basics () securityfocus com
Subject: Unrestricted Outbound Web Server Access Opinion



Hello All,

Someone within our company wants our Internet facing web servers to have
unrestricted outbound access. Port 80 is the only port permitted from
the outside coming in. I need the experts opinion why we do not want to
permit this PLEASE. Two things I could think of are if the web servers
were compromised, then the hacker would have the ability offload any
data they want. Another being if they were infected with a worm they
would bring down the Internet T1 in their attempt to find other devices
to infect.

Thanks in advance for everyone's input.

Paul
Previous By Date Next
Previous By Thread Next

Current thread: