Penetration Testing mailing list archives
publications concerning port forwarding
From: "Jason L. Ellison" <infotek () datasync com>
Date: Tue, 10 Apr 2007 17:12:59 -0500 (CDT)
List, I'm currently doing work for a large company as a consultant. Another consultant is installing a MS Exchange server and is now requesting for me to forward ports on the PIX from the Internet to internal servers. I have explained that port forwarding is very risky but they don't seem to understand. Are there any publications that can be used to show the link between port forwarding and bad security posture. I've scoured and found nothing (maybe its to obvious to document?)... -Jason Ellison ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- publications concerning port forwarding Jason L. Ellison (Apr 10)
- Re: publications concerning port forwarding Ben Nell (Apr 10)
- Re: publications concerning port forwarding vtlists (Apr 11)
- Re: publications concerning port forwarding Brendan Murray (Apr 10)
- RE: publications concerning port forwarding Wiedemann, Adrian (Apr 11)
- RE: publications concerning port forwarding Jason L. Ellison (Apr 11)
- RE: publications concerning port forwarding Wiedemann, Adrian (Apr 11)
- Message not available
- RE: publications concerning port forwarding Wiedemann, Adrian (Apr 11)
- RE: publications concerning port forwarding Jason L. Ellison (Apr 13)
- RE: publications concerning port forwarding Jason L. Ellison (Apr 11)
- Re: publications concerning port forwarding Ben Nell (Apr 10)
- <Possible follow-ups>
- RE: publications concerning port forwarding Jason Rahl (Apr 11)