Firewall Wizards mailing list archives

Re: Benefit of firewall over NAT-only 'protected' network


From: ark () eltex net
Date: Wed, 28 May 2003 16:43:17 +0400

If they really do not use it, you are completely right, any unused
port should be blocked (if we use packet filtering firewalls). I run
IRC from the office but I use a proxy ;-)

On Wed, May 28, 2003 at 09:05:30AM -0400, Paul Robertson wrote:

It's not about IRC as an attack vector, it's about IRC as a control vector 
and the small number of people who have a business case to use it from 
work.  I use IRC, and I even use IRC from work- but I don't go out via 
6667 from the office directly.  In fact, most large companies would do 
good to block and log outbound TCP 6667, some of the largest botnets I've 
seen have been on sites that allow all TCP outbound.  I don't know about 
you, but I'd really rather not see people try to clean up an internal worm 
infection, deal with child pornography on what could be business-critical 
servers, and have RIAA/MPAA filing suits left and right because they let 
out a port that _they_neither_need_,_nor_use.  

                                     _     _  _  _  _      _  _
 {::} {::} {::}  CU in Hell          _| o |_ | | _|| |   / _||_|   |_ |_ |_
 (##) (##) (##)        /Arkan#iD    |_  o  _||_| _||_| /   _|  | o |_||_||_|
 [||] [||] [||]            Do i believe in Bible? Hell,man,i've seen one!
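
Added example, not part of the original messages: the "log" half of "block and log outbound TCP 6667", summarizing which internal hosts keep hitting the egress rule so they can be checked for infection. It assumes netfilter LOG-style key=value lines and a hypothetical log prefix EGRESS-DROP; the sample log lines are constructed.

```python
import re
from collections import defaultdict

# Constructed sample: netfilter LOG-target style lines. The "EGRESS-DROP"
# prefix is an assumed --log-prefix on the rule that logs before dropping.
SAMPLE_LOG = """\
May 28 09:01:12 gw kernel: EGRESS-DROP IN=eth1 OUT=eth0 SRC=10.0.4.17 DST=198.51.100.20 PROTO=TCP SPT=3321 DPT=6667 SYN
May 28 09:01:15 gw kernel: EGRESS-DROP IN=eth1 OUT=eth0 SRC=10.0.4.17 DST=198.51.100.20 PROTO=TCP SPT=3321 DPT=6667 SYN
May 28 09:03:40 gw kernel: EGRESS-DROP IN=eth1 OUT=eth0 SRC=10.0.4.17 DST=198.51.100.21 PROTO=TCP SPT=3325 DPT=6667 SYN
May 28 09:10:02 gw kernel: EGRESS-DROP IN=eth1 OUT=eth0 SRC=10.0.9.5 DST=203.0.113.8 PROTO=TCP SPT=4100 DPT=6667 SYN
May 28 09:10:09 gw kernel: EGRESS-DROP IN=eth1 OUT=eth0 SRC=10.0.9.5 DST=203.0.113.8 PROTO=TCP SPT=4101 DPT=25 SYN
May 28 09:11:30 gw kernel: EGRESS-DROP IN=eth1 OUT=eth0 SRC=10.0.2.2 DST=203.0.113.8 PROTO=UDP SPT=5000 DPT=6667
May 28 09:12:00 gw sshd[812]: Accepted publickey for admin from 10.0.1.1
"""

FIELD = re.compile(r"(\w+)=(\S+)")

def parse_line(line, prefix="EGRESS-DROP"):
    """Return the key=value fields of one logged packet, or None if unrelated."""
    if prefix not in line:
        return None
    fields = dict(FIELD.findall(line))
    if not {"SRC", "DST", "PROTO", "DPT"} <= fields.keys():
        return None
    return fields

def blocked_irc_sources(log_text, port=6667):
    """Map each source IP to its attempt count and distinct destinations."""
    hits = defaultdict(lambda: {"attempts": 0, "destinations": set()})
    for line in log_text.splitlines():
        f = parse_line(line)
        # Only TCP to the IRC port counts; other dropped traffic is ignored here.
        if f is None or f["PROTO"] != "TCP" or f["DPT"] != str(port):
            continue
        hits[f["SRC"]]["attempts"] += 1
        hits[f["SRC"]]["destinations"].add(f["DST"])
    return dict(hits)

def report(log_text):
    """List (source, attempts, destinations), busiest source first."""
    rows = [(src, h["attempts"], sorted(h["destinations"]))
            for src, h in blocked_irc_sources(log_text).items()]
    return sorted(rows, key=lambda r: (-r[1], r[0]))

if __name__ == "__main__":
    for src, attempts, dests in report(SAMPLE_LOG):
        print(f"{src}: {attempts} blocked attempts to {', '.join(dests)}")
```

A host that shows up here without a known business case for IRC is the one to look at first; repeated attempts to several destinations suggest an automated client rather than a person.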