Home page logo

basics logo Security Basics mailing list archives

Re: Open All Outbound Ports?
From: David Weinberg <weinberg () bigpond net au>
Date: Tue, 12 Nov 2002 10:36:51 +1100

Opening all outbound ports will also alow peer-peer programs (like 
Kazza, Napster etc) and Spyware which will consume *most* of your 

So asside from the obvious security risks (tojans etc), you can also 
watch your bandwidth go down, down, down. 

Unless ofcourse, you work for an ISP/Telco ;)


Our firewall group has came to me several times over the last 
few months
wanting my approval to open all of the “OUTBOUND” ports on our 
firewall facing
the internet.  Their argument is that this would not 
significantly reduce our
security and it will reduce their time/effort in administration. 
They claim
they get several requests a week to open up out bound ports and 
the number
keeps growing each month. They want to go for the gusto…and open 
up all 65,000+
outbound ports.

I am in the security area and they want my agreement/sign off 
before they do
this.  It just does not “feel/smell right” but I am losing 
ground with my
arguments.  What are some good arguments I can use?  


Do you Yahoo!?
U2 on LAUNCH - Exclusive greatest hits videos

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]