Firewalls: outbound connections

Firewalls
(June 1994)

Indexed By Thread: [Previous] [Next]

Subject:	outbound connections
From:	lacoursj @ uprc . com (Jeffrey D. LaCoursiere)
Date:	Fri, 3 Jun 1994 08:54:53 +0600
To:	firewalls @ greatcircle . com

We have been using SOCKS to proxy outbound connections through our
firewall.  Up to this point, my socks.conf file contained just a few
entries to allow outbound connections to certain ports (telnet, ftp, etc.).
With the advent of Mosaic I seem to be adding another line every few days
or so for this service and that (baseball score service in colorado on port
400, weather service on some michigan machine on port 70, etc.).

I have two questions.  The first is: why are people putting these generic
services on privileged ports?  The second is: Why do I really care?

Is it considered problematic to allow outgoing conections to any port?


Jeff LaCoursiere
Network Admin
UPRC
Ft. Worth, TX
/**********************************************************************

              THE MAGIC WORDS ARE SQUEAMISH OSSIFRAGE

**********************************************************************/

Indexed By Date	Previous:	incoming/outgoing packet filtering (Cisco screening) From: MICHAEL NITTMANN <NITTMANN @ UWLAX . EDU>
Indexed By Date	Next:	Source port filtering From: MICHAEL NITTMANN <NITTMANN @ UWLAX . EDU>
Indexed By Thread	Previous:	Re: incoming/outgoing packet filtering (Cisco screening) From: gdonl @ gv . ssi1 . com (Don Lewis)
Indexed By Thread	Next:	Re: outbound connections From: long-morrow @ CS . YALE . EDU (H Morrow Long)