Firewall Wizards mailing list archives
Re: Code Red: What security specialist don't mention in warnings
From: Nate Campi <nate () campi cc>
Date: Sat, 4 Aug 2001 12:55:19 -0700
On Thu, Aug 02, 2001 at 08:38:07PM -0400, mark.wiater () alexus com wrote:
Excellent point Frank. No web server should ever have to generate a connection outside the local network.
Not true in our shop. Our web front-ends on one of the two news sites I maintain have to connect outbound to several external services for different content. Of course this doesn't mean we allow all outbound connections. All oubound connections are denied by default, and when building out the architecture for a service such as this, we have the netops guys/gals set up ACLs to allow the only the outbound connections we need. My point is that even when outbound connections are necessary, you can still reduce your risk, as we have. -- Nate _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Code Red: What security specialist don't mention in warnings Frank Knobbe (Aug 02)
- Re: Code Red: What security specialist don't mention in warnings Vladimir Parkhaev (Aug 02)
- Re: Code Red: What security specialist don't mention in warnings R. DuFresne (Aug 04)
- <Possible follow-ups>
- RE: Code Red: What security specialist don't mention in warnings mark . wiater (Aug 04)
- Re: Code Red: What security specialist don't mention in warnings Nate Campi (Aug 05)
- RE: Code Red: What security specialist don't mention in warnings David Lang (Aug 05)
- Re: Code Red: What security specialist don't mention in warnings Vladimir Parkhaev (Aug 02)