mailing list archives
Re: Open All Outbound Ports?
From: "James Lee Gromoll" <jgromoll () hotmail com>
Date: Thu, 14 Nov 2002 09:34:41 -0800
Wow! When I first read this I thought, "Gee, what kind of drugs is his
firewall group on?" then I found the whole point of this.....
++++ I am in the security area and they want my agreement/sign off before
they do this. ++++
They are obviously looking for a fall guy. Feel like a chump? In all
honesty, you might and probably should be pissed off that they even
considered this. The flood of peer to peer proggies not to mention the IM
crap and everything else associated with doing that is silly. They're
firewall guys; do the homework and figure out what's going on; block what
needs blocking and open what needs open for your business.
From: David Weinberg <weinberg () bigpond net au>
To: 'tony tony' <tonytorri () yahoo com>,security-basics () securityfocus com,
tonytorri () yahoo com
Subject: Re: Open All Outbound Ports? Date: Tue, 12 Nov 2002 10:36:51 +1100
Opening all outbound ports will also alow peer-peer programs (like
Kazza, Napster etc) and Spyware which will consume *most* of your
So asside from the obvious security risks (tojans etc), you can also
watch your bandwidth go down, down, down.
Unless ofcourse, you work for an ISP/Telco ;)
> > Hi,
> > Our firewall group has came to me several times over the last
> few months
> > wanting my approval to open all of the ?OUTBOUND? ports on our
> firewall facing
> > the internet. Their argument is that this would not
> significantly reduce our
> > security and it will reduce their time/effort in administration.
> They claim
> > they get several requests a week to open up out bound ports and
> the number
> > keeps growing each month. They want to go for the gusto?and open
> up all 65,000+
> > outbound ports.
> > I am in the security area and they want my agreement/sign off
> before they do
> > this. It just does not ?feel/smell right? but I am losing
> ground with my
> > arguments. What are some good arguments I can use?
> > Tony
> > __________________________________________________
> > Do you Yahoo!?
> > U2 on LAUNCH - Exclusive greatest hits videos
> > http://launch.yahoo.com/u2
The new MSN 8: smart spam protection and 2 months FREE*
Re: Open All Outbound Ports? David Weinberg (Nov 12)
RE: Open All Outbound Ports? DeGennaro, Gregory (Nov 13)
Re: Open All Outbound Ports? James Lee Gromoll (Nov 16)
RE: Open All Outbound Ports? Louis Erickson (Nov 16)
RE: Open All Outbound Ports? Farrelly, Brian (Nov 17)
- Re: Open All Outbound Ports?, (continued)