Educause Security Discussion mailing list archives
Re: the importance of security
From: Gary Flynn <flynngn () JMU EDU>
Date: Wed, 11 Aug 2004 13:09:25 -0400
Jon Mitchiner wrote:
I am not comfortable with the idea of port 25 blocking. The reason is because how will you know if a machine is infected or not? If you block outgoing port 25 then it's going to make it difficult for you to know whether a machine is infected with a trojan/virus/etc and you would have compromised machines on your network.
access-list 120 deny tcp any any eq 25 log Then check your logs. :) Similar logging for port 135 and 445 access attempts is also illuminating although they can be 'permit' rules as policy dictates. -- Gary Flynn Security Engineer James Madison University ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- Re: the importance of security, (continued)
- Re: the importance of security Jere Retzer (Aug 11)
- Re: the importance of security Theresa M Rowe (Aug 11)
- Re: the importance of security Weeks, Calvin W. (Aug 11)
- Re: the importance of security Scott Genung (Aug 11)
- Re: the importance of security Jere Retzer (Aug 11)
- Re: the importance of security Dewitt Latimer (Aug 11)
- Re: the importance of security Scott Genung (Aug 11)
- Re: the importance of security Cal Frye (Aug 11)
- Re: the importance of security Jon Mitchiner (Aug 11)
- Re: the importance of security Gary Flynn (Aug 11)
- Re: the importance of security Gary Flynn (Aug 11)
- Re: the importance of security Jon Mitchiner (Aug 11)
- Re: the importance of security Buz Dale (Aug 11)
- Re: the importance of security Rich Graves (Aug 11)
- Re: the importance of security Paul Russell (Aug 11)
- Re: the importance of security Mike Iglesias (Aug 11)
- Re: the importance of security Scott Weeks (Aug 12)