On 21/09/06 08:45 -0600, Kevin Hinze wrote:
> New to the list, so hope this has not already been covered numerous times.
>
> I have been asked to move from a restrictive policy of only
> allowed/permitted ports are allowed through the Firewall to a permissive
> policy of deny known ?bad? port/protocols and allow all else. Does anyone
> have lists, bookmarks or the like to show a list of known ?bad? ports? I


0-65535. Particularly ports 80, 443, 25 and 22.

One hole is enough for the bad guys to get through.

> believe this is a bad idea but need some information to prove how difficult
> it will be to manage.
>

MJR has something on his site about it. Dig through
http://www.ranum.com/

Devdas Bhagat
_______________________________________________
firewall-wizards mailing list
firewall-wizards@listserv.icsalabs.com
https://listserv.icsalabs.com/mailma...rewall-wizards