firewall ruleset


I have a problem with several users on our network.
The firewall settings are the following:
reject all traffic (incoming, outgoing, forward)
accept several ports.
I don't want them to surf the web so I closed port 80 for all sites except
some (for instance some business related sites).
Now some wiseguys found out that all the reply ports are open
(1023-65535) and they use anonymous proxies around the world. 
I closed ports 3128 and 8080 (most common). But now they use random ports
with a port-redirector I guess at several boxes outside the company.

I wondered if there is a better ruleset than allowing all high ports
(1023+)?

Kind regards,
Maurice Verhagen

