At 03:49 PM 11/13/95 EST, TMOONEY.UMI.COM wrote:
>A vendor of an on-line database asks that we open our firewall to their
>Class B address space for both UDP and TCP on ports 8000 thru 9120.
>I have been asked to quantify the risks involved. My initial list includes:
>Why do they need their entire Class B? This allows ANYONE in their domain
>Why do they want 1120 ports of both UDP or TCP? This seems a little large to
>Any words of wisdom from admins "who have been there" that I can use to
>bolster my initial "This is a BAD IDEA" reaction to upper management would be
>Senior UNIX System Administrator
Okay, "This is a Bad Idea." The gaping hole approach to network security.
Paul Ferguson || ||
Consulting Engineering || ||
Reston, Virginia USA |||| ||||
tel: +1.703.716.9538 ..:||||||:..:||||||:..
e-mail: pferguso @
com c i s c o S y s t e m s