Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Security Basics: RE: Unrestricted Outbound Web Server Access Opinion

RE: Unrestricted Outbound Web Server Access Opinion

From: Hamish Stanaway <koremeltdown_at_hotmail.com>
Date: Wed, 04 May 2005 09:51:16 +0000

Hi there Paul,

Another reason you might not want to do this is because if you had no
restrictions on outbound connections a worm infection might cause your
infected server(s) to end up on blacklists, effectivly cutting your servers
reach... meaning some people may consider your machine "bad". If you
continued restrictions, hopefully this would never happen.
Having no restrictions on outbound connections on a T1 is just asking for
trouble.

Kindest of regards,

Hamish Stanaway, CEO

Absolute Web Hosting / -= KoRe WoRkS =- Internet Security
Auckland, New Zealand

http://www.webhosting.net.nz
http://www.buywebhosting.co.nz
http://www.koreworks.com

>From: "Paul Guibord" <pguibord_at_tngtech.net>
>To: <security-basics_at_securityfocus.com>
>Subject: Unrestricted Outbound Web Server Access Opinion
>Date: Tue, 3 May 2005 08:54:57 -0400
>MIME-Version: 1.0
>Received: from outgoing.securityfocus.com ([205.206.231.27]) by
>mc7-f34.hotmail.com with Microsoft SMTPSVC(6.0.3790.211); Tue, 3 May 2005
>17:27:02 -0700
>Received: from outgoing.securityfocus.com by outgoing.securityfocus.com
> via smtpd (for mc7.bay6.hotmail.com [65.54.253.99]) with ESMTP; Tue,
>3 May 2005 17:26:49 -0700
>Received: from lists.securityfocus.com (lists.securityfocus.com
>[205.206.231.19])by outgoing3.securityfocus.com (Postfix) with QMQPid
>3E6B8237346; Tue, 3 May 2005 17:41:32 -0600 (MDT)
>Received: (qmail 24629 invoked from network); 3 May 2005 13:22:53 -0000
>X-Message-Info: 6sSXyD95QpVjocF6boLwVQrxxioEG/C7OhezxW0vqCA=
>Mailing-List: contact security-basics-help_at_securityfocus.com; run by ezmlm
>Precedence: bulk
>List-Id: <security-basics.list-id.securityfocus.com>
>List-Post: <mailto:security-basics_at_securityfocus.com>
>List-Help: <mailto:security-basics-help_at_securityfocus.com>
>List-Unsubscribe: <mailto:security-basics-unsubscribe_at_securityfocus.com>
>List-Subscribe: <mailto:security-basics-subscribe_at_securityfocus.com>
>Delivered-To: mailing list security-basics_at_securityfocus.com
>Delivered-To: moderator for security-basics_at_securityfocus.com
>Content-Class: urn:content-classes:message
>X-MimeOLE: Produced By Microsoft Exchange V6.0.6375.0
>X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Unrestricted Outbound
>Web Server Access Opinion
>thread-index: AcVP3sPFIFTQYY1uTIW4rifehaq72wAAHEvw
>Return-Path:
>security-basics-return-33848-koremeltdown=hotmail.com_at_securityfocus.com
>X-OriginalArrivalTime: 04 May 2005 00:27:02.0391 (UTC)
>FILETIME=[FDF6F870:01C5503F]
>
>
>Hello All,
>
>Someone within our company wants our Internet facing web servers to have
>unrestricted outbound access. Port 80 is the only port permitted from
>the outside coming in. I need the experts opinion why we do not want to
>permit this PLEASE. Two things I could think of are if the web servers
>were compromised, then the hacker would have the ability offload any
>data they want. Another being if they were infected with a worm they
>would bring down the Internet T1 in their attempt to find other devices
>to infect.
>
>Thanks in advance for everyone's input.
>
>Paul
Received on May 05 2005

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos