Educause Security Discussion mailing list archives
Re: firewall holes for particular machines
From: Zach Jansen <zjanse20 () CALVIN EDU>
Date: Thu, 14 May 2009 10:11:57 -0400
Wouldn't it be better to run these applications through a proxy, such as squid, instead? Zach Jansen -- Zach Jansen Information Security Officer Calvin College Phone: 616.526.6776 Fax: 616.526.8550
On 5/13/2009 at 1:24 PM, in message <200905131224.13916.carn0048 () umn edu>,
Megan Carney <carn0048 () UMN EDU> wrote:
I echo all the concerns already mentioned, but there are cases where your hands are tied. Windows updates as well as some other software are akamaized, meaning IP-based restrictions aren't possible without opening a very wide hole. In those cases, DNS seems to be the better choice.
Current thread:
- Re: firewall holes for particular machines, (continued)
- Re: firewall holes for particular machines Chris Schenk (May 13)
- Re: firewall holes for particular machines Brian Kaye (May 13)
- Re: firewall holes for particular machines Di Fabio, Andrea (May 13)
- Re: firewall holes for particular machines F.M. Taylor (May 13)
- Re: firewall holes for particular machines Kevin Wilcox (May 13)
- Re: firewall holes for particular machines Chris Green (May 13)
- Re: firewall holes for particular machines David Gillett (May 13)
- Re: firewall holes for particular machines Gary Flynn (May 13)
- Re: firewall holes for particular machines Megan Carney (May 13)
- Re: firewall holes for particular machines leo song (May 14)
- Re: firewall holes for particular machines Zach Jansen (May 14)
- Re: firewall holes for particular machines Kevin Wilcox (May 14)
- Re: firewall holes for particular machines Megan Carney (May 14)
- Re: firewall holes for particular machines Jason Frisvold (May 15)