Home page logo
/

basics logo Security Basics mailing list archives

Antwort: Open All Outbound Ports?
From: oliver.biermann () mobilcom de
Date: Mon, 11 Nov 2002 10:12:18 +0100

HI there,

I will give you three.......

E-Donkey
BearShare
Gnutella

Those Applikations and their ports were the ones I had to 
close during the last two months cos somehow more than
7 million requests were generated by a single internal 
maschine within 12 hours.

Not only that this costs a lot of money for investigating,
it also costs money for the not-working employees.

It also affects the costs for bandwidth, cos as you know
a peer2peer Software can cause a lot UDP Traffic.

And I can tell you...it is not a very nice thing
to appear with tons of people, lawyers and nionpeople
and just confiscate a workstation for forensic analysis.
This really has a bad taste.....

So, if you don`t want to hire a security specialist for you
to investigate the whole day what might get from internal
to external, or what your employees might do, if you let
them do what they want, you SHOULD close
any port you don`t specifically need.


Its the ROSIS - Return of Security Investments


"All you get is to not pay for things you never saw...."


Regards,

Olli

-- 
***********************************************
Oliver Biermann  -  MIT Security 
Mobilcom Corporate IT - B├╝delsdorf 
Tel: +49 4331 4472124 - Fax: -2200
***********************************************
Fingerprint: FC19 7F6D 4405 EF4F AE25 96CD 8DAB B7D6 F3B6 9F01






tony tony <tonytorri () yahoo com>
08.11.02 02:33

 
        An:     security-basics () securityfocus com
        Kopie: 
        Thema:  Open All Outbound Ports?


Hi, 

Our firewall group has came to me several times over the last few months
wanting my approval to open all of the "OUTBOUND" ports on our firewall 
facing
the internet.  Their argument is that this would not significantly reduce 
our
security and it will reduce their time/effort in administration.  They 
claim
they get several requests a week to open up out bound ports and the number
keeps growing each month. They want to go for the gusto?and open up all 
65,000+
outbound ports.

I am in the security area and they want my agreement/sign off before they 
do
this.  It just does not "feel/smell right" but I am losing ground with my
arguments.  What are some good arguments I can use? 

Tony


__________________________________________________
Do you Yahoo!?
U2 on LAUNCH - Exclusive greatest hits videos
http://launch.yahoo.com/u2




  By Date           By Thread  

Current thread:
  • Antwort: Open All Outbound Ports? oliver . biermann (Nov 11)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]