Frank Knobbe wrote:
>
> SMTP email originates on port 25. [snip]
> To thwart the curious,
> one can just construct his firewall rule to only allow traffic to
> port 25 if it originates from port 25. Seems to hide it from most
> port scans as well.

1. I've never seen this myself. Might just be me being selectively
blind though, so never mind.
2. I strongly recommend against adding filters like this. Otherwise
you'll get the same problem that apple.com had, where no one behind
a NATing FW-1 could access apple.com, because FW-1 was changing the
originating port from 53 to something in the range 512--1023. Never
trust the originator port to be any specific value; there are just
too many NATing devices with different behaviors out there.
--
Mikael Olsson, EnterNet Sweden AB, Box 393, S-891 28 ÖRNSKÖLDSVIK
Phone: +46 (0)660 29 92 00 Direct: +46 (0)660 29 92 05
Mobile: +46 (0)70 66 77 636 Fax: +46 (0)660 122 50
WWW: http://www.enternet.se/ E-mail: [EMAIL PROTECTED]
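
The failure mode described in the reply, modelled as an added example that is not part of the original message: a filter that requires the source port to equal the service port accepts direct clients but drops every legitimate client behind a NAT that rewrites source ports into 512-1023. The `PortRewritingNat` class, the rule functions and all addresses are hypothetical and constructed for illustration.

```python
import random
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

def strict_rule(pkt, service_port):
    """Rule from the quoted text: source port must equal the service port."""
    return pkt.dst_port == service_port and pkt.src_port == service_port

def dst_only_rule(pkt, service_port):
    """Match on destination port only; the source port is unconstrained."""
    return pkt.dst_port == service_port

class PortRewritingNat:
    """Hypothetical NAT model: replaces the source IP and assigns a source
    port from a fixed range (512-1023, the range named in the reply)."""
    def __init__(self, public_ip, lo=512, hi=1023, seed=0):
        self.public_ip, self.lo, self.hi = public_ip, lo, hi
        self.rng = random.Random(seed)
        self.table = {}  # (inside ip, inside port) -> outside port

    def translate(self, pkt):
        key = (pkt.src_ip, pkt.src_port)
        if key not in self.table:
            used = set(self.table.values())
            free = [p for p in range(self.lo, self.hi + 1) if p not in used]
            self.table[key] = self.rng.choice(free)
        return replace(pkt, src_ip=self.public_ip, src_port=self.table[key])

def delivery_report(rule, service_port, clients, nat=None):
    """Return (accepted, dropped) counts for legitimate client packets."""
    accepted = 0
    for c in clients:
        pkt = nat.translate(c) if nat else c
        accepted += int(rule(pkt, service_port))
    return accepted, len(clients) - accepted

# Constructed sample traffic: five resolvers querying from source port 53.
CLIENTS = [Packet(f"10.0.0.{i}", 53, "192.0.2.53", 53) for i in range(1, 6)]

if __name__ == "__main__":
    nat = PortRewritingNat("198.51.100.1")
    print("strict, direct  :", delivery_report(strict_rule, 53, CLIENTS))
    print("strict, via NAT :", delivery_report(strict_rule, 53, CLIENTS, nat))
    print("dst-only via NAT:", delivery_report(dst_only_rule, 53, CLIENTS, nat))
```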