Firewall Wizards mailing list archives
Re: RE: In defense of non standard ports
From: "Paul D. Robertson" <paul () compuwar net>
Date: Tue, 24 Jan 2006 19:35:55 -0500 (EST)
On Tue, 24 Jan 2006, ArkanoiD wrote:
Allowing uncotrolled HTTP CONNECT to any port seems quite suicidal for any reasonable security policy, am i wrong?
As suicidal as allowing all TCP outbound. Which is happening *way* too much, and is the reason we see things like botnets rapant on hospital networks. I think you shouldn't be allowed to install I{D,P}S until your firewall ruleset is this | high. Paul ----------------------------------------------------------------------------- Paul D. Robertson "My statements in this message are personal opinions paul () compuwar net which may have no basis whatsoever in fact." http://fora.compuwar.net Infosec discussion boards _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: In defense of non standard ports Behm, Jeffrey L. (Jan 23)
- RE: RE: In defense of non standard ports Bill Royds (Jan 23)
- Re: RE: In defense of non standard ports Tobias Reckhard (Jan 24)
- Re: RE: In defense of non standard ports James (Jan 24)
- Re: RE: In defense of non standard ports ArkanoiD (Jan 24)
- Re: RE: In defense of non standard ports Chuck Swiger (Jan 24)
- Re: RE: In defense of non standard ports Marcus J. Ranum (Jan 24)
- Re: RE: In defense of non standard ports Paul D. Robertson (Jan 24)
- Re: RE: In defense of non standard ports Tim Shea (Jan 24)
- Re: RE: In defense of non standard ports Paul D. Robertson (Jan 24)
- Message not available
- RE: In defense of non standard ports Brian Loe (Jan 24)
- Message not available
- Re: RE: In defense of non standard ports Marcus J. Ranum (Jan 24)
- Re: RE: In defense of non standard ports ArkanoiD (Jan 25)
- RE: RE: In defense of non standard ports Bill Royds (Jan 23)
- RE: RE: In defense of non standard ports Bill Royds (Jan 24)
- <Possible follow-ups>
- RE: RE: In defense of non standard ports Fetch, Brandon (Jan 23)
- RE: RE: In defense of non standard ports Behm, Jeffrey L. (Jan 24)
- Re: RE: In defense of non standard ports Karl (Jan 24)