On Mon, Feb 02, 2004 at 05:02:58PM -0500, Paul Robertson wrote:
> Now that most firewalls don't proxy, it seems way too many places
> are allowing TCP straight out to any port, so long as it originates
> inside (certainly the "NAT is a firewall crowd.") How many people
> routinely block TCP/6667, or non-allowed applications? How many of
> you who don't block it do regular reports on connections initiated
> inside to external servers that aren't on port 80, 443, etc?

Two words: Preaching. Choir. :)

That said, IMHO, you should be grateful for all the sites that allow
all outbound. Firewalling is an arms race. If most sites blocked
default outbound, bot/zombie authors would escalate the race by doing
something like tunneling via https or some other service that was
still allowed.
- Morty
_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Received on Feb 03 2004
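
The kind of regular report asked about in the quoted message (connections initiated inside to external servers on ports other than 80 and 443), as an added example that is not part of the original thread. The log format, the 10.0.0.0/8 internal range and the sample records are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Assumptions for this sketch: the internal address space and the outbound allow-list.
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]
ALLOWED_PORTS = {80, 443}

# Constructed sample records: "time proto src_ip src_port dst_ip dst_port"
SAMPLE_LOG = """\
2004-02-02T17:00:01 tcp 10.1.1.5 1025 192.0.2.10 80
2004-02-02T17:00:02 tcp 10.1.1.7 1030 198.51.100.4 6667
2004-02-02T17:00:09 tcp 10.1.1.7 1031 198.51.100.9 6667
2004-02-02T17:00:11 udp 10.1.1.5 1040 192.0.2.53 53
2004-02-02T17:00:15 tcp 203.0.113.8 4000 10.1.1.20 25
2004-02-02T17:00:20 tcp 10.1.1.9 1050 10.1.2.3 22
2004-02-02T17:00:31 tcp 10.1.1.5 1026 192.0.2.10 443
this line is malformed
2004-02-02T17:00:40 tcp 10.1.1.9 1051 203.0.113.77 8080
"""

def is_internal(addr):
    """True if addr falls inside one of the configured internal networks."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in INTERNAL_NETS)

def egress_report(log_text, allowed_ports=ALLOWED_PORTS):
    """Return ({(src_ip, dst_port): sorted external dst IPs}, unparsed_count) for
    TCP sessions initiated inside to an external host on a non-allowed port."""
    hits = defaultdict(set)
    skipped = 0
    for line in log_text.splitlines():
        try:
            _, proto, src, _, dst, dport = line.split()
            dport = int(dport)
            outbound = is_internal(src) and not is_internal(dst)
        except ValueError:  # wrong field count, bad port or bad address
            skipped += 1
            continue
        if proto == "tcp" and outbound and dport not in allowed_ports:
            hits[(src, dport)].add(dst)
    return {k: sorted(v) for k, v in hits.items()}, skipped

if __name__ == "__main__":
    report, skipped = egress_report(SAMPLE_LOG)
    for (src, port), dsts in sorted(report.items()):
        print(f"{src} -> tcp/{port}: {len(dsts)} external host(s): {', '.join(dsts)}")
    print(f"unparsed lines: {skipped}")
```

A port-based report like this says nothing about traffic tunneled over an allowed port such as 443, which is the escalation the reply describes.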