firewall ruleset

To: debian-isp@lists.debian.org
Subject: firewall ruleset
From: Maurice Verhagen <maurice@verhagen.org>
Date: Wed, 20 Dec 2000 09:47:12 +0100 (CET)
Message-id: <[🔎] Pine.LNX.4.21.0012200943250.32696-100000@grover.core.verhagen.org>

Hello,

I have some problem with several users on our network. 
The firewall settings are the following:
reject all traffic (incoming, outgoing, forward)
accept several ports.
I don't want them to surf the web so I closed port 80 for all sites except
some (for instance some business related sites).
Now some wiseguys found out that all the reply ports are open
(1023-65535) and they use anonymous proxies around the world. 
I closed port 3128 and 8080 (most common). But now they use random ports
with a port-redirector I guess at several boxes outside the company.

I wondered if there is a better ruleset then allowing all high ports
(1023+) ??

Kind regards,
Maurice Verhagen

Reply to:

Follow-Ups:
- RE: firewall ruleset
  - From: wsuetholz@centonline.com
- RE: firewall ruleset
  - From: wsuetholz@centonline.com

Prev by Date: motherboard comments
Next by Date: RE: firewall ruleset
Previous by thread: motherboard comments
Next by thread: RE: firewall ruleset
Index(es):
- Date
- Thread