Security Basics mailing list archives
RE: How secure is to open ports from inside the firewall?
From: "Murda Mcloud" <murdamcloud () bigpond com>
Date: Thu, 15 Mar 2007 09:51:53 +1000
Hi, Simple rule, the more ports you open, the less 'safe' it is. You're right about certain things (malware,attackers,internal staff) using open ports to go out on and then creating connections back in. P2P stuff is a good example of this. P2P client on the LAN connects out and brings in lameware etc. I'm sure others can give more examples but that's the general idea. Question is-do you want to control it and what is the acceptable level of risk? What if you don't care what comes or goes? If you do, then you'll want to tighten. Check this out: http://www.faqs.org/rfcs/rfc3093.html -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Iosif Gasparakis Sent: Wednesday, March 14, 2007 8:31 PM To: security-basics () securityfocus com Subject: How secure is to open ports from inside the firewall? Hello list. One silly question: How secure is to open ports from inside the firewall? Ok, closing incoming ports is the purpose of a firewall. But what about the outgoing? Could this make someone's life who already broke into the network easier? Or is it already too late, and that someone if already in can use just any open port to send traffic out? Please let me know your views. Joseph ___________________________________________________________ The all-new Yahoo! Mail goes wherever you go - free your email address from your Internet provider. http://uk.docs.yahoo.com/nowyoucan.html
Current thread:
- How secure is to open ports from inside the firewall? Iosif Gasparakis (Mar 14)
- Re: How secure is to open ports from inside the firewall? Kim Guldberg (Mar 15)
- RE: How secure is to open ports from inside the firewall? Murda Mcloud (Mar 15)
- <Possible follow-ups>
- Re: How secure is to open ports from inside the firewall? e . m . baechle (Mar 15)
- Re: How secure is to open ports from inside the firewall? pfunix (Mar 15)