Firewall Wizards mailing list archives

Re: Permissive Firewall Policy

From: Devdas Bhagat <dvb () users sourceforge net>
Date: Sat, 23 Sep 2006 09:35:36 +0530

On 21/09/06 08:45 -0600, Kevin Hinze wrote:

New to the list, so hope this has not already been covered numerous times.

I have been asked to move from a restrictive policy of only
allowed/permitted ports are allowed through the Firewall to a permissive
policy of deny known ?bad? port/protocols and allow all else.  Does anyone
have lists, bookmarks or the like to show a list of known ?bad? ports?  I


0-65535. Particularly ports 80, 443, 25 and 22.

One hole is enough for the bad guys to get through.

believe this is a bad idea but need some information to prove how difficult
it will be to manage.

MJR has something on his site about it. Dig through
http://www.ranum.com/

Devdas Bhagat
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Permissive Firewall Policy Kevin Hinze (Sep 22)
- Re: Permissive Firewall Policy Marcus J. Ranum (Sep 23)
  - Re: Permissive Firewall Policy ArkanoiD (Sep 23)
  - Re: Permissive Firewall Policy Scott C. Kennedy (Sep 23)
  - Re: Permissive Firewall Policy Anton Chuvakin (Sep 25)
    - Re: Permissive Firewall Policy J. Oquendo (Sep 25)
- Re: Permissive Firewall Policy Kevin (Sep 23)
- Re: Permissive Firewall Policy Devdas Bhagat (Sep 23)
- Re: Permissive Firewall Policy Tim Shea (Sep 23)
- <Possible follow-ups>
- Re: Permissive Firewall Policy Fetch, Brandon (Sep 23)