RE: Open All Outbound Ports?

Their reason was a lot of the sites that were visited used Passive FTP, that randomly uses any port above port 1024. Why not just restrict the ip ranges to a few hundred (thousand) ports? This is explained in the active vs passive ftp site, http://slacksite.com/other/ftp.html under the topic ft

RE: Open All Outbound Ports?

>I never agreed with it, but one >of their reasons to open this was passive FTP. Their reason was a lot of >the sites that were visited used Passive FTP, that randomly uses any port >above port 1024. Why not just restrict the ip ranges to a few hundred (thousand) ports? This is explained in the a

RE: Open All Outbound Ports?

At 11:44 PM 11/13/02 -0500, you wrote: I never agreed with it, but one of their reasons to open this was passive FTP. Their reason was a lot of the sites that were visited used Passive FTP, that randomly uses any port above port 1024. quick reply, hope this hasn't been covered ad naseum... a s

RE: Open All Outbound Ports?

Read http://slacksite.com/other/ftp.html A pretty good explanation of Active vs Passive FTP. Brian -Original Message- From: Chris Alliey [mailto:[EMAIL PROTECTED]] Sent: Wednesday, November 13, 2002 8:44 PM To: Chris Berry; [EMAIL PROTECTED] Subject: RE: Open All Outbound Ports? I

RE: Open All Outbound Ports?

As a server engineer, I've had to deal with the NIMDA and other worms/virii/ as you can guess, that was a little worrisome. Chris -Original Message- From: Chris Berry [mailto:compjma@;hotmail.com] Sent: Monday, November 11, 2002 4:03 PM To: [EMAIL PROTECTED] Subject: R

AW: Open All Outbound Ports?

>From my point of view there will be a big lack of security if you open all outbound ports. Every application would have full access to the internet - do you really want it? More then 50% of all security risks are base insinde your network. So it is very important to have an strict policy

RE: Open All Outbound Ports?

; 'tony tony'; [EMAIL PROTECTED] Subject: RE: Open All Outbound Ports? In addition, in case your network inadvertently becomes a zombie in a DDos, there is no way you can prevent DoS traffice from leaaving your network. Just wondering, if you do have a web server and if thats allowed to mak

Re: Open All Outbound Ports?

> Consider espionage. The information goes out. And what is worse, if someone uses something like scp/ssh, you might get a whiff of it even if you are running monitoring tools. Not only that, it becomes easier for a malicious user to attack other companies if all outbound access is allowed. For

Re: Open All Outbound Ports?

On Sun, 2002-11-10 at 22:25, [EMAIL PROTECTED] wrote: > In-Reply-To: <[EMAIL PROTECTED]> > > ---snip-- > > >opening all outbound ports is a bad idea. classic example is here.. > > > >director of marketing takes laptop home. > > > >director gets hacked via Trojan downloaded from non corporate mail

Re: Open All Outbound Ports?

Opening all outbound ports will also alow peer-peer programs (like Kazza, Napster etc) and Spyware which will consume *most* of your bandwidth. So asside from the obvious security risks (tojans etc), you can also watch your bandwidth go down, down, down. Unless ofcourse, you work for an ISP/T

RE: Open All Outbound Ports?

: Friday, November 08, 2002 2:34 PM To: [EMAIL PROTECTED] Subject: Open All Outbound Ports? Hi, Our firewall group has came to me several times over the last few months wanting my approval to open all of the "OUTBOUND" ports on our firewall facing the internet. Their argument is tha

RE: Open All Outbound Ports?

-Naveed -Original Message- From: Garbrecht, Frederick [mailto:FGarbrecht@;ecogchair.org] Sent: Sunday, November 10, 2002 12:25 AM To: 'tony tony'; [EMAIL PROTECTED] Subject: RE: Open All Outbound Ports? A couple of things come to mind. Spyware programs installed by internal users ina

Re: Open All Outbound Ports?

From: tony tony <[EMAIL PROTECTED]> Our firewall group has came to me several times over the last few >months wanting my approval to open all of the “OUTBOUND” ports on our >firewall facing the internet. Not a good idea. One of the most important things during a security breach is to keep the

Re: Open All Outbound Ports?

Consider espionage. The information goes out. -- James W. Meritt CISSP, CISA Booz | Allen | Hamilton phone: (410) 684-6566

Antwort: Open All Outbound Ports?

: +49 4331 4472124 - Fax: -2200 *** Fingerprint: FC19 7F6D 4405 EF4F AE25 96CD 8DAB B7D6 F3B6 9F01 tony tony <[EMAIL PROTECTED]> 08.11.02 02:33 An: [EMAIL PROTECTED] Kopie: Thema: Open All Outbound Ports? Hi

Re: Open All Outbound Ports?

Bad idea, That would allow remote access style trojans and ddos bots to have a nice big foot hole to step in, just my 2 cents -- Windows is a 32-bit extension and a graphical shell for a 16-bit patch to an 8-bit operating system originally coded for a 4-bit microprocessor, written by a 2-bit com

Re: Open All Outbound Ports?

In-Reply-To: <[EMAIL PROTECTED]> ---snip-- >opening all outbound ports is a bad idea. classic example is here.. > >director of marketing takes laptop home. > >director gets hacked via Trojan downloaded from non corporate mail. > >director brings laptop back to work. > >using netcat hack

RE: Open All Outbound Ports?

EMAIL PROTECTED] Subject: Open All Outbound Ports? Hi, Our firewall group has came to me several times over the last few months wanting my approval to open all of the "OUTBOUND" ports on our firewall facing the internet. Their argument is that this would not significantly reduce

Re: Open All Outbound Ports?

On Thu, 2002-11-07 at 20:33, tony tony wrote: > Hi, > > Our firewall group has came to me several times over the last few months > wanting my approval to open all of the “OUTBOUND” ports on our firewall facing > the internet. Their argument is that this would not significantly reduce our > secur

Re: Open All Outbound Ports?

Hi Tony, Running your server with all outbound ports open is NOT secure. Even if the administrators claim they know all the applications using the ports they will never, for example, know when there is a trojan horse lying and waiting för an inbound connection...firewalling is a way to control

RE: Open All Outbound Ports?

@;yahoo.com] Sent: Thursday, November 07, 2002 7:34 PM To: [EMAIL PROTECTED] Subject: Open All Outbound Ports? Hi, Our firewall group has came to me several times over the last few months wanting my approval to open all of the OUTBOUND ports on our firewall facing the internet. Their argument is

Open All Outbound Ports?

Hi, Our firewall group has came to me several times over the last few months wanting my approval to open all of the “OUTBOUND” ports on our firewall facing the internet. Their argument is that this would not significantly reduce our security and it will reduce their time/effort in administration