At 2003-06-17T12:13:46Z, Andrew Thomson <[EMAIL PROTECTED]> writes: > i have a list of ports that i let my users go out on: 80, 22, 143, 443 etc > etc..
Out of curiosity, do you have control over the set of machines that your users are connecting to? I.e., are they uploading to your own FTP server at a colo site? If so, you might consider dropping FTP altogether in favor of SFTP. It's radically easier to firewall; you just open a single TCP port. You also get decent authentication and end-to-end encryption. Just a thought. -- Kirk Strauser In Googlis non est, ergo non est.
Description: PGP signature