Great Circle Associates Firewalls
(February 1994)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Re: FTP and Telnet
From: Tom Fitzgerald <fitz @ wang . com>
Date: Fri, 25 Feb 94 13:50:05 EST
To: sdeb @ callisto . eci-esyst . com (Steve Eason)
Cc: firewalls @ greatcircle . com, admin @ callisto . eci-esyst . com
In-reply-to: <9402251120 . AA15403 @ callisto . eci-esyst . com>; from "Steve Eason" at Feb 25, 94 6:20 am

> If anyone is willing, I could sure use input about whether your companies
> generally allow unrestricted telnet and ftp from inside to out. Has anyone
> really ever ftp'ed anything with a worm or virus into a site from the
> Internet? If yes, are there virus an> d/or worm protection
> software/procedures that will help alleviate this threat?

If you block outbound ftp, people will just use modems to dialout to other
accounts and zmodem the files in, or send mail to ftp-mail @
 decwrl (or
whatever it's called), or zmodem the files from compuserve to ther home
systems and bring them in on floppy.  You may as well allow it and save on
the effort and phone bills, and keep a log of who connected where.

Outbound telnet seems to be harmless.

Antiviral code on all DOS machines is valuable regardless of whether you
have outbound ftp/telnet.  People will bring files in on floppy anyway.
(Not to mention the occasional real vendor release that arrives infected).

-- 
Tom Fitzgerald   Wang Labs   Lowell MA, USA   1-508-967-5278   fitz @
 wang .
 com
Pardon me, I'm lost, can you direct me to the information superhighway?


References:
  • FTP and Telnet
    From: sdeb @ callisto . eci-esyst . com (Steve Eason)
Indexed By Date Previous: Re: trojans, and such
From: smb @ research . att . com
Next: Encryption?
From: <@atc.boeing.com:"a1::birdt"@maple.a1r.boeing.com>
Indexed By Thread Previous: Re: FTP and Telnet
From: Frederick M Avolio <avolio @ tis . com>
Next: Re: FTP and Telnet
From: Marcus J Ranum <mjr @ tis . com>

Google
 
Search Internet Search www.greatcircle.com