Is it true that in order to be "secure" firewalls should restrict access
to protected services by filtering the SOURCE port of the connection
from the outside?  

I work on an application for which a single participating machine may
need to open multiple connections to a single service on a target server
machine.  That target service listens on a single known port.  It's not
even possible to work this scenario without allowing there to be
multiple source ports, right?  Otherwise how are the individual sockets
distinguishable?

What is anyone REALLY losing by allowing packets to flow where the
source port is not checked?  It seems that damage can only be done to
open listeners...  Generally of the stuff I've read so far, filtering
source ports is more likely to break things than actually increase
security.  A hacker can always specify a source port that would work
anyway, right?

Any general comments about the pros or cons of source port filtering in
firewalls would be appreciated.

Thanks!
Guy
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
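As an added illustration of the two points raised in the question (this is example code written for this page, not something from the original post or the list): it opens several TCP connections from one host to a single listener and shows that every one of them necessarily carries a different source port, then binds one more client socket to a source port of its own choosing, and finally runs all of the connections through a toy stateless rule matcher in two configurations, one matching only the destination port and one that also pins the source port. The listener, the rule format (`dport`/`sport`, `None` meaning "any") and the `run_demo` helper are all assumptions of this example; the only real system behaviour exercised is the operating system's socket layer on 127.0.0.1.

```python
import socket
from typing import Dict, List, Optional, Tuple

# A connection as a firewall sees it: (src_ip, src_port, dst_ip, dst_port).
Conn = Tuple[str, int, str, int]


def rule_allows(rule: Dict[str, Optional[int]], conn: Conn) -> bool:
    """Toy stateless firewall rule (an assumption of this example, not any
    product's syntax). A field that is absent or None means "any port"."""
    _src_ip, src_port, _dst_ip, dst_port = conn
    if rule.get("dport") is not None and rule["dport"] != dst_port:
        return False
    if rule.get("sport") is not None and rule["sport"] != src_port:
        return False
    return True


def count_allowed(rule: Dict[str, Optional[int]], conns: List[Conn]) -> int:
    """How many of the given connections the rule would let through."""
    return sum(1 for c in conns if rule_allows(rule, c))


def free_loopback_port() -> int:
    """Ask the OS for a TCP port on 127.0.0.1 that is currently unused."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]


def run_demo(n_conns: int = 3) -> dict:
    """Open n_conns ordinary client connections plus one client that binds its
    own source port, all to one loopback listener, and evaluate two rule styles."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))          # port 0: the OS picks the "known service port"
    srv.listen(n_conns + 1)
    dst_ip, dst_port = srv.getsockname()
    keep_open = [srv]                   # sockets stay open so ports stay in use
    ordinary: List[Conn] = []
    try:
        # Ordinary clients: the OS assigns each an ephemeral source port.
        for _ in range(n_conns):
            client = socket.create_connection((dst_ip, dst_port))
            server_side, peer = srv.accept()
            keep_open += [client, server_side]
            ordinary.append((peer[0], peer[1], dst_ip, dst_port))

        # A client that picks its own source port before connecting: the
        # source port is whatever the sender asks for, not a property the
        # firewall can rely on to identify who is talking.
        pinned_port = free_loopback_port()
        pinned = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        pinned.bind(("127.0.0.1", pinned_port))
        pinned.connect((dst_ip, dst_port))
        server_side, peer = srv.accept()
        keep_open += [pinned, server_side]
        pinned_conn: Conn = (peer[0], peer[1], dst_ip, dst_port)

        all_conns = ordinary + [pinned_conn]
        return {
            "dst_port": dst_port,
            "ordinary": ordinary,
            "pinned_src_port": pinned_port,
            "pinned": pinned_conn,
            # Rule 1: match the service port only (source port unchecked).
            "allowed_dport_only": count_allowed({"dport": dst_port}, all_conns),
            # Rule 2: also require one fixed source port.
            "allowed_dport_and_sport": count_allowed(
                {"dport": dst_port, "sport": pinned_port}, all_conns
            ),
        }
    finally:
        for s in keep_open:
            s.close()


if __name__ == "__main__":
    r = run_demo()
    print("service port:", r["dst_port"])
    for c in r["ordinary"]:
        print("ordinary client  src_port=%d -> dst_port=%d" % (c[1], c[3]))
    print("pinned client    src_port=%d (chosen by the client)" % r["pinned"][1])
    print("allowed, dst-port rule only:     ", r["allowed_dport_only"])
    print("allowed, dst-port + src-port rule:", r["allowed_dport_and_sport"])
```

Running it shows the ordinary clients landing on distinct OS-assigned ports, which is exactly why a rule that pins the source port passes only one connection: the multi-connection scenario in the question cannot work through such a rule. The pinned client also shows why the rule adds no security: any peer that knows the expected source port can simply bind to it, so the rule filters legitimate traffic and not a sender who is trying to get through.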