>From my point of view there will be a big lack of security if you open all outbound ports. Every application would have full access to the internet - do you really want it?
More then 50% of all security risks are base insinde your network. So it is very important to have an strict policy for outbound applications! You should review all requests very carfully! Verify if there is a real need to open this ports - all open ports could be used by other "unfriendly" programs! Robert -- http://board.protecus.de - Firewalls, Security and more ... -----Ursprungliche Nachricht----- Von: [EMAIL PROTECTED] [mailto:security-basics-return-15832-rsieber=web.de@;securityfocus.com]Im Auftrag von tony tony Gesendet: Freitag, 8. November 2002 02:34 An: [EMAIL PROTECTED] Betreff: Open All Outbound Ports? Hi, Our firewall group has came to me several times over the last few months wanting my approval to open all of the OUTBOUND ports on our firewall facing the internet. Their argument is that this would not significantly reduce our security and it will reduce their time/effort in administration. They claim they get several requests a week to open up out bound ports and the number keeps growing each month. They want to go for the gustoand open up all 65,000+ outbound ports. I am in the security area and they want my agreement/sign off before they do this. It just does not feel/smell right but I am losing ground with my arguments. What are some good arguments I can use? Tony __________________________________________________ Do you Yahoo!? U2 on LAUNCH - Exclusive greatest hits videos http://launch.yahoo.com/u2