Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: httport 3snf

From: Christopher Hicks <chicks () chicks net>
Date: Mon, 21 Oct 2002 17:48:00 -0400 (EDT)
On Mon, 21 Oct 2002, Ryan M. Ferris wrote:

[ Earlier Christopher Hicks wrote: ]

You may want to block all traffic that doesn't go through your proxy
server or SOCKS.  You can set those up to require authentication and track
who is doing what.  I've been stuck at a few Fortune 500 corporate offices
that functioned that way.


This sounds like the best solution. Are there any major downsides? Is
the blocking done per router or per proxy/firewall?


Basically you don't forward anything to the outside of your network unless
it's coming from your SOCKS box or your web proxy.  As for downsides, my
only experience is as a user trying to get things done and I felt rather
stymied.  But that may be what you're looking for.


Thanks. Don't worry about lecturing....


I don't mind lecturing.  I just get worried when I sound like Henry Blake.  
:)

-- 
</chris>

Recently, I was asked if I was going to fire an employee who made a
mistake that cost the company $600,000.  No, I replied, I just spent
$600,000 training him. Why would I want somebody to hire his experience?
                -Thomas J.  Watson, industrialist (1874-1956)

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: