At 2003-06-17T12:13:46Z, Andrew Thomson <[EMAIL PROTECTED]> writes:

> i have a list of ports that i let my users go out on: 80, 22, 143, 443 etc
> etc..

Out of curiosity, do you have control over the set of machines that your
users are connecting to?  I.e., are they uploading to your own FTP server at
a colo site?  If so, you might consider dropping FTP altogether in favor of
SFTP.  It's radically easier to firewall; you just open a single TCP port.
You also get decent authentication and end-to-end encryption.  Just a
thought.
-- 
Kirk Strauser
In Googlis non est, ergo non est.

Attachment: pgp00000.pgp
Description: PGP signature

Reply via email to