>I could easily block port 80, but all that will do is force the likely
>offenders to take a non-standard port.  As is sometimes the case,
>internal users are the people you spend most of your time working
>against...

I think you have bigger problems than you think. If your internal network
has direct connectivity from the outside world, such that someone can make a
direct connection from the outside world to arbitrary ports... or even
arbitrary high ports... on arbitrary systems in your network, well, there's
any number of interesting things that are open to attack.

I suggest that you install something more restrictive than a filter... at least
a NAT device like a PIX.

>I need something that will examine incoming packets to see if they are
>http requests and deny those...  but I don't know if such a thing
>exists.

You need something that looks for incoming X connections, incoming SQLNET
connections, and so on. Or you need a firewall.

-- 
In hoc signo hack, Peter da Silva <[EMAIL PROTECTED]>
 `-_-'   Ar rug tú barróg ar do mhactíre inniu?
  'U`    "Be vewy vewy quiet...I'm hunting Jedi." -- Darth Fudd
