Firewall Wizards mailing list archives
Re: Benefit of firewall over NAT-only 'protected' network
From: ark () eltex net
Date: Wed, 28 May 2003 16:43:17 +0400
If they really do not use it, you are completely right, any unused port should be blocked (if we use packet filtering firewalls. i run irc from the office but i use proxy ;-) On Wed, May 28, 2003 at 09:05:30AM -0400, Paul Robertson wrote:
It's not about IRC as an attack vector, it's about IRC as a control vector and the small number of people who have a business case to use it from work. I use IRC, and I even use IRC from work- but I don't go out via 6667 from the office directly. In fact, most large companies would do good to block and log outbound TCP 6667, some of the largest botnets I've seen have been on sites that allow all TCP outbound. I don't know about you, but I'd really rather not see people try to clean up an internal worm infection, deal with child pornography on what could be business-critical servers, and have RIAA/MPAA filing suits left and right because they let out a port that _they_neither_need_,_nor_use.
_ _ _ _ _ _ _ {::} {::} {::} CU in Hell _| o |_ | | _|| | / _||_| |_ |_ |_ (##) (##) (##) /Arkan#iD |_ o _||_| _||_| / _| | o |_||_||_| [||] [||] [||] Do i believe in Bible? Hell,man,i've seen one! _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Benefit of firewall over NAT-only 'protected' network, (continued)
- Re: Benefit of firewall over NAT-only 'protected' network Paul Robertson (May 27)
- Re: Benefit of firewall over NAT-only 'protected' network Tina Bird (May 28)
- Re: Benefit of firewall over NAT-only 'protected' network Frank Knobbe (May 28)
- Re: Benefit of firewall over NAT-only 'protected' network Chuck Swiger (May 30)
- Re: Benefit of firewall over NAT-only 'protected' network Frank Knobbe (May 31)
- Re: Benefit of firewall over NAT-only 'protected' network Tina Bird (May 28)
- Re: Benefit of firewall over NAT-only 'protected' network Paul Robertson (May 27)
- Re: Benefit of firewall over NAT-only 'protected' network Hugh Blandford (May 28)
- Re: Benefit of firewall over NAT-only 'protected' network Paul Robertson (May 28)
- Re: Benefit of firewall over NAT-only 'protected' network Bill Royds (May 30)
- Re: Benefit of firewall over NAT-only 'protected' network Paul Robertson (May 28)
- Re: Benefit of firewall over NAT-only 'protected' network ark (May 28)
- Re: Benefit of firewall over NAT-only 'protected' network Paul Robertson (May 28)