mailing list archives
Re: Open All Outbound Ports?
From: "Sumit Dhar" <ml_dhar () yahoo com>
Date: Tue, 13 Nov 2001 10:23:00 +0530
Consider espionage. The information goes out.
And what is worse, if someone uses something like scp/ssh, you might get a
whiff of it even if you are running monitoring tools.
Not only that, it becomes easier for a malicious user to attack other
companies if all outbound access is allowed. For example, if only the http
port is open such a user might not be able to use an exploit for ssh against
an external host.
Lots of small reasons like this why opening *ALL* outbound ports might not
be a great idea.