Home page logo

basics logo Security Basics mailing list archives

Re: Open All Outbound Ports?
From: "Sumit Dhar" <ml_dhar () yahoo com>
Date: Tue, 13 Nov 2001 10:23:00 +0530

Consider espionage.  The information goes out.

And what is worse, if someone uses something like scp/ssh, you might get a
whiff of it even if you are running monitoring tools.

Not only that, it becomes easier for a malicious user to attack other
companies if all outbound access is allowed. For example, if only the http
port is open such a user might not be able to use an exploit for ssh against
an external host.

Lots of small reasons like this why opening *ALL* outbound ports might not
be a great idea.

With Regards,
Sumit Dhar

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]