My vote for the biggest vulnerability is downloading a virus-infected
document or file and infecting the corporate net.
There are also vulnerabilities associated with some protocols which
require reply ports to be available for input. FTP is a good example.
The host establishes the data connection so you need open "holes" in the
firewall to accommodate these connections. And watch out for spoofing
attacks. Sometimes firewall filters aren't really good at
differentiating between interfaces when the packet has a valid internal
network address.
"Simplify - There is no value in complexity, it's too difficult to
manage."
Bill Stackpole, CISSP
Seitel Leeds & Associates    Voice: 206.283.4355
2 Nickerson St. Suite 201    Email: bstackpole @ sla . com
Seattle, Wa 98109
> -----Original Message-----
> From: Bill Crane [SMTP:bcrane @ ATLANTA . ViewCall . net]
> Sent: Wednesday, June 11, 1997 3:57 PM
> To: 'firewalls @ GreatCircle . COM'
> Subject: Unlimited Outbound Access
>
> What are the security risks associated with unlimited outbound access
> through a firewall? If I allow all of my internal users from any internal
> machine to have complete outbound internet access (telnet, ftp, http, etc)
> then what vulnerabilities am I opening up that I should be aware of?
>
> I know this question is tangentially related to questions concerning
> Firewall Policy. I don't want to argue policy here, but rather I want to
> educate myself to help drive the policy discussions that I will be
> attending.
>
> Thanks
> Bill Crane
> bcrane @ viewcall . net
>
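
The two filtering points raised in the reply, as an added example that is not part of either message: a packet filter that judges source addresses by arrival interface and opens an inbound FTP data port only for the endpoint announced in an outbound PORT command. The internal range 192.168.0.0/16, the interface names "inside"/"outside", the absence of NAT, and the names `parse_port` and `PacketFilter` are assumptions made for illustration.

```python
import ipaddress

INTERNAL = ipaddress.ip_network("192.168.0.0/16")  # assumed internal range

def parse_port(line):
    """Parse active-mode FTP 'PORT h1,h2,h3,h4,p1,p2' (RFC 959) into (ip, port)."""
    verb, _, arg = line.strip().partition(" ")
    fields = arg.split(",")
    if verb.upper() != "PORT" or len(fields) != 6:
        return None
    if not all(f.isascii() and f.isdigit() and int(f) <= 255 for f in fields):
        return None
    n = [int(f) for f in fields]
    return "%d.%d.%d.%d" % tuple(n[:4]), n[4] * 256 + n[5]

class PacketFilter:
    def __init__(self):
        # (server_ip, client_ip, client_port) tuples awaiting a data connection
        self.pending = set()

    def check(self, iface, src, sport, dst, dport, payload=""):
        src_inside = ipaddress.ip_address(src) in INTERNAL
        if iface == "outside":
            # Anti-spoofing: an internal source arriving from outside is forged.
            if src_inside:
                return "drop-spoofed"
            # Inbound is allowed only for a data connection a client asked for.
            key = (src, dst, dport)
            if sport == 20 and key in self.pending:
                self.pending.discard(key)  # one connection per PORT command
                return "allow-ftp-data"
            return "drop-unsolicited"
        if not src_inside:
            return "drop-spoofed"  # inside interface must carry inside sources
        if dport == 21:
            endpoint = parse_port(payload)
            # Honour PORT only if it names the sender and an unprivileged port.
            if endpoint and endpoint[0] == src and endpoint[1] >= 1024:
                self.pending.add((dst, src, endpoint[1]))
        return "allow-outbound"
```
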