Firewall Wizards mailing list archives
Re: Benefit of firewall over NAT-only 'protected' network
From: Tina Bird <tbird () precision-guesswork com>
Date: Tue, 27 May 2003 20:27:50 -0700 (PDT)
On Tue, 27 May 2003, Paul Robertson wrote:

> On Wed, 28 May 2003, Hugh Blandford wrote:
>
> > Please take into consideration that if they had a firewall, it would be setup to allow all outbound traffic and let the 'responses' back in. There
>
> That's a silly and mostly specious pre-requisite. For instance, most small office users have *no* need for IRC, and given that IRC is *the* major control vector for trojaned machines, why the heck would you allow it outbound from a small office? Nuke 6667/tcp outbound and you decrease the chance of being owned rather significantly, and you break less than 1/2 of 1% of SOHO users.

if you continue down the road of "what things do i block to prevent most attacks," please be sure to add the microsoft netbios and netbeui ports (TCP/UDP 137-139, 445) -- at least at stanford, blocking those inbound and outbound at our perimeter has prevented a great deal of grief.
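
An added example, not part of the original post: before putting the perimeter blocks discussed above in place (6667/tcp, and TCP/UDP 137-139 and 445), this scans connection records and lists the flows those blocks would drop, split by direction. The log line format, the RFC 1918 internal ranges and the sample records are constructed assumptions.

```python
import ipaddress

# Ports named in the thread: IRC on 6667/tcp, and the Microsoft
# NetBIOS/SMB ports 137-139 and 445 on both TCP and UDP.
BLOCKED = {("tcp", 6667)} | {
    (proto, port) for proto in ("tcp", "udp") for port in (137, 138, 139, 445)
}

# Assumption: the protected network uses RFC 1918 space behind the perimeter.
INTERNAL = [ipaddress.ip_network(n)
            for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_internal(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in INTERNAL)

def parse(line):
    """Parse 'proto src:sport -> dst:dport' (constructed IPv4 log format)."""
    proto, src, _arrow, dst = line.split()
    src_ip = src.rsplit(":", 1)[0]
    dst_ip, dst_port = dst.rsplit(":", 1)
    return proto.lower(), src_ip, dst_ip, int(dst_port)

def audit(lines):
    """Return the flows that cross the perimeter on a blocked port."""
    hits = {"outbound": [], "inbound": []}
    for line in lines:
        try:
            proto, src, dst, port = parse(line)
            src_in, dst_in = is_internal(src), is_internal(dst)
        except ValueError:
            continue  # malformed record: skip it
        # A perimeter rule never sees internal-to-internal traffic.
        if (proto, port) not in BLOCKED or src_in == dst_in:
            continue
        hits["outbound" if src_in else "inbound"].append((src, dst, proto, port))
    return hits

# Constructed sample records (documentation address ranges for outside hosts).
SAMPLE = """\
tcp 192.168.1.20:49152 -> 203.0.113.5:6667
tcp 192.168.1.21:49153 -> 198.51.100.7:443
udp 192.168.1.22:137 -> 203.0.113.9:137
tcp 198.51.100.44:51000 -> 192.168.1.10:445
tcp 192.168.1.20:49200 -> 192.168.1.10:445
udp 192.168.1.23:53000 -> 203.0.113.53:6667
garbage line
"""

if __name__ == "__main__":
    for direction, flows in audit(SAMPLE.splitlines()).items():
        for flow in flows:
            print(direction, *flow)
```

Any outbound hit is a host that either needs an exception or deserves a closer look before the block goes live.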