Spam: RE: [framework] Spam: How safe is a hardware firewall?
Kim Guldberg
kim at bufferzone.dk
Mon Nov 5 13:41:52 CST 2007
Hi Robin
Let me ask you some simple questions.
Does any of your servers need to be able to brows web pages. If nobody
browses from your servers, as nobody should, you can block port 80 out
bound for all your servers.
Does any of your servers need to be able to send and/or get mail. If
not, block ports 25 and 110 out bound for all server IP's (maybe not for
the mail server)
You need to ask your self the above questions for all ports 1 to 1025
plus some of the higher reserved ports e.b. port 5900 if you are not
using VNC and so forth
This is just some of the things you can do to tighten your rule base.
Basically you start by closing and silencing everything, and then open
just the holes you absolutely need for the IP's you absolutely need, in
the timespan you absolutely need.
Regards
Kim
Robin Kipp skrev:
> Hi Kim,
> OK, thanks for your deteiled reply. Well, the problem is that I had to
> allow all outbound traffic because not only the server, but also my
> other computers are behind the firewall. However, the firewall scans all
> incoming and outgoing traffic for malicious code and the firewall keeps
> on sending me email messages telling me about all the intrusions and
> viruses that were blocked. Is there maybe a tool available that I can
> use to try to hack my own server? The problem is that all the Metasploit
> exploits don't seem to work :-( Thanks! Robin
>
>
>
More information about the framework
mailing list