Security Basics mailing list archives
RE: Open All Outbound Ports?
From: "Garbrecht, Frederick" <FGarbrecht () ecogchair org>
Date: Sat, 9 Nov 2002 13:54:49 -0500
A couple of things come to mind. Spyware programs installed by internal users inadvertently can ramp up outgoing traffic considerably and waste your bandwidth. Opening up outgoing ports also makes it much easier for peer-to-peer file sharing applications on your internal LAN to do their dirty work; clearly a security risk well defined elsewhere. Some trojans may also enjoy the new-found ability to establish outbound communications over whatever port they choose.

I really don't understand why your firewall group would want to do this; it is such an obvious risk in many ways and violates the well-established security principle of 'least privilege'. Sounds like your firewall guys are either really lazy or need some remedial security training.

Fred

-----Original Message-----
From: tony tony [mailto:tonytorri () yahoo com]
Sent: Thursday, November 07, 2002 8:34 PM
To: security-basics () securityfocus com
Subject: Open All Outbound Ports?

Hi,

Our firewall group has come to me several times over the last few months wanting my approval to open all of the "OUTBOUND" ports on our firewall facing the internet. Their argument is that this would not significantly reduce our security and it will reduce their time/effort in administration. They claim they get several requests a week to open up outbound ports and the number keeps growing each month. They want to go for the gusto...and open up all 65,000+ outbound ports.

I am in the security area and they want my agreement/sign off before they do this. It just does not "feel/smell right" but I am losing ground with my arguments. What are some good arguments I can use?

Tony