Hi everybody,
i would like to have your views and comments on this. we have implemented
FW-1 wherein the outbound http traffic is allowed on port 80 (standard).
there are some users who wanted to browse a specific site implemented on a
different port no. though i have opened the port on the FW-1 to enble them,
there was a specific query as to why we are restricting outbound access on
specific port only. "security reasons" was not sufficient for the
explanation.
the counter argument was that u are anyway preventing all inbound access,
then why restrict outbound on a specific port. the vulnerabilities are same
as if when the port 80 is open.
request your views on this and what is the normal way of implementing. is it
specific ports open or all open. users had feedback from outside that it is
ridiculous on FW implementation to restrict http on specific port. as per
them there are worldwide so many sites on different ports for public
viewing.
your expert opinions sought for.
regards
anil bhelkar
[EMAIL PROTECTED]
This communication is for the exclusive use of the intended receipient/s
and shall not attach any liability on the originator. It may contain
information which is confidential and legally priviledged and the same shall
not be used or dealt with by any third party in whatsover manner.
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
