Spam: RE: Spam: RE: Spam: How safe is a hardware firewall?

[rsrivastwa at yahoo.com (Rohit Srivastwa)]

Robin
Remember the golden rule of firewall. First block all, then start allowing traffic one-by-one as required and before 
opening any port ask yourself "is it actually required"

Even I'm a proud user of fortinet box, this product rocks. You might not get ready made ports in the list for skypein, 
yahoo games etc. You'll have to create custom services for these & then group them together to allow traffic.

But as everyone said, open port 80 to your webserver is enough to create havoc if the server is unpatched or 
misconfigured.

regards
./Rohit

 --
Through the Firewall,
Out the Router,
Down the T1,
Across the Backbone,
Bounced from Satellite ---- Nothing but the Internet

----- Original Message ----
From: Robin Kipp <robin.kipp at gmx.de>
To: framework at metasploit.com
Sent: Tuesday, November 6, 2007 4:22:29 AM
Subject: Spam: RE: Spam: RE: [framework] Spam: How safe is a hardware firewall?


Hi Kim!
Yes, your questions are really good. I'll think about and block all
outgoing traffic and open all the ports I need. That won't be easy I
think, because I also have to open all the ports for Skype, MSN, Etc...
Which is really hard, but anyways I'll see what I can do to keep all
 you
metasploit users out ;-)
Thanks again for your ideas!
Robin






__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.metasploit.com/pipermail/framework/attachments/20071105/194ae885/attachment.htm>