Re: blocking kazaa

To: debian-firewall@lists.debian.org
Subject: Re: blocking kazaa
From: "Jamin W. Collins" <jcollins@asgardsrealm.net>
Date: Tue, 19 Nov 2002 13:05:35 -0600
Message-id: <20021119190534.GC26663@asgardsrealm.net>
Mail-followup-to: debian-firewall@lists.debian.org
In-reply-to: <F77R8Yv8r4RoVEhH8Ea0001a4c8@hotmail.com>
References: <F77R8Yv8r4RoVEhH8Ea0001a4c8@hotmail.com>

On Tue, Nov 19, 2002 at 07:11:32PM +0100, ezra daniel wrote:

> In every firewall manual its explained that a good firewall should
> allow only certain traffic and always block/drop the rest...

In some cases this should be taken in moderation.  The admin needs to
balance convenience and security.  In most cases the more secure that
something becomes, the less convenient it becomes.

Additionally, how would you deal with blocking client side applications
that masquerade as other types of traffic?  Such as clients that connect
to remote hosts on ports like 80, 22, 53, etc that your site allows out
as legitimate traffic.  

> He seems not to be doing so.

Most firewall scripts that I've seen set a default DROP policy for all
inbound external traffic and a default allow for all outbound internal
traffic.  For most sites, this is an acceptable compromise.

-- 
Jamin W. Collins

Reply to:

Follow-Ups:
- Re: blocking kazaa
  - From: "Arne P. Boettger" <apb@wohnheim.fh-wedel.de>

References:
- Re: blocking kazaa
  - From: "ezra daniel" <ezra_daniel@hotmail.com>

Prev by Date: RE: blocking kazaa
Next by Date: Newbie can't get firewall to quit working
Previous by thread: RE: blocking kazaa
Next by thread: Re: blocking kazaa
Index(es):
- Date
- Thread