Great Circle Associates Firewalls
(March 1993)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Re: DNS Client Ports
From: Marcus J Ranum <mjr @ TIS . COM>
Date: Sat, 13 Mar 93 21:22:38 EST
To: FireWalls @ GreatCircle . COM, mischler @ cubic . com

>Should I allow "random" client ports through?  What are the security
>implications?

	One implication is that anyone with a tunnelling driver can
run IP tunnelled through your firewall using NS packets as the
transport layer.

	Yes, I have code that does this. ;)

mjr.



Follow-Ups:
Indexed By Date Previous: DNS Client Ports
From: Dave Mischler <mischler @ cubic . com>
Next: Re: DNS Client Ports
From: lars @ spectrum . CMC . COM (Lars Poulsen)
Indexed By Thread Previous: DNS Client Ports
From: Dave Mischler <mischler @ cubic . com>
Next: Re: DNS Client Ports
From: lars @ spectrum . CMC . COM (Lars Poulsen)

Google
 
Search Internet Search www.greatcircle.com