RE: How secure is to open ports from inside the firewall?

["Murda Mcloud" <murdamcloud () bigpond com>]

Hi,
Simple rule, the more ports you open, the less 'safe' it is.
You're right about certain things (malware,attackers,internal staff) using
open ports to go out  on and then creating connections back in. P2P stuff is
a good example of this.
P2P client on the LAN connects out and brings in lameware etc.
I'm sure others can give more examples but that's the general idea.

Question is-do you want to control it and what is the acceptable level of
risk? What if you don't care what comes or goes? If you do, then you'll want
to tighten.

Check this out:
http://www.faqs.org/rfcs/rfc3093.html





-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of Iosif Gasparakis
Sent: Wednesday, March 14, 2007 8:31 PM
To: security-basics () securityfocus com
Subject: How secure is to open ports from inside the firewall?

Hello list.

One silly question: How secure is to open ports from inside the firewall?

Ok, closing incoming ports is the purpose of a firewall. But what about the
outgoing? Could this make someone's life who already broke into the network
easier? Or is it already too late, and that someone if already in can use
just any open port to send traffic out?

Please let me know your views.

Joseph




                
___________________________________________________________ 
The all-new Yahoo! Mail goes wherever you go - free your email address from
your Internet provider. http://uk.docs.yahoo.com/nowyoucan.html