Firewall Wizards mailing list archives
Re: Opening ports in Firewall
From: Frank Willoughby <frankw () in net>
Date: Fri, 16 Oct 1998 14:05:00 -0500
At 08:35 AM 10/16/98 -0500, Hines Dennis wrote:
Aside from IP tunneling, what are the risks associated with opening an outbound port, say 7100, in a firewall to support an application that makes a direct connection to a site on the Internet (via IP address) for the purpose of say downloading software updates. What are the risks if the firewall is an SPF, proxy, or packet filter - (with or without NAT).
One of the risks is that someone may spoof the software update site and have you download a program containing a trojan horse, logic bomb, worm, virus, or any of a multitude of undesired functionalities.
Thanks for the insight, Dennis --- Dennis Hines dennis.hines () columbia net ---
Best Regards, Frank The opinions of the author of this mail may not necessarily be representative of the opinions of Fortifed Networks, Inc. (c) Fortified Networks, Inc. - http://www.fortified.com/ Home of the Free Internet Firewall Evaluation Checklist Expert (vendor-neutral) Computer and Network Security Solutions Fixed Price Contracts - Expert Information Security Officers Phone: (317) 573-0800 Fax: (317) 573-0817
Current thread:
- Opening ports in Firewall Hines Dennis (Oct 16)
- Re: Opening ports in Firewall Frank Willoughby (Oct 19)
- Re: Opening ports in Firewall Frank Willoughby (Oct 23)