Re: blocking kazaa

On Tue, Nov 19, 2002 at 07:11:32PM +0100, ezra daniel wrote:

> In every firewall manual it's explained that a good firewall should
> allow only certain traffic and always block/drop the rest...

In some cases this should be taken in moderation.  The admin needs to
balance convenience and security.  In most cases the more secure that
something becomes, the less convenient it becomes.

Additionally, how would you deal with blocking client-side applications
that masquerade as other types of traffic?  Such as clients that connect
to remote hosts on ports like 80, 22, 53, etc. that your site allows out
as legitimate traffic.

> He seems not to be doing so.

Most firewall scripts that I've seen set a default DROP policy for all
inbound external traffic and a default allow for all outbound internal
traffic.  For most sites, this is an acceptable compromise.

Jamin W. Collins

