Never mind. As usual I misread the post. Must have been reading Slashdot
too much lately.

On Tue, 2003-08-12 at 22:19, Michael Torrie wrote:
> On Tue, 2003-08-12 at 21:11, Iain Buchanan wrote:
>
> > (this is an inbound rule, but I don't think it takes much to turn it
> > into an outbound rule)
>
> Actually, if you have any Windows machines at all on your network
> inside, it is *essential* to block outbound traffic as well. This
> protects others from your machines, as well as protecting your users
> from exploits in Internet Explorer that use UNC paths instead of URLs to
> trick Windows into transmitting the user's name and password to a
> foreign host, which NetBIOS will blindly do. All the foreign server has
> to do is force plain text passwords and then he has a good record of
> passwords from inside your network. All this from a URL that's really a
> UNC sent in an HTML e-mail message. All of the ports in question, due
> to the inherent insecurity in the NetBIOS protocol, should be blocked in
> and out of the firewall, just like you do for Sun RPC and NFS.
>
> Michael
>
> >
> > HTH,
> > --
> > Iain Buchanan <iain@xxxxxxxxxxxxxxxxxxx>
> >
> > Lisa: Remember, Dad. The handle of the Big Dipper points to the
> > North Star.
> >
> > Homer: That's nice, Lisa, but we're not in astronomy class. We're in
> > the woods.
> >
> > The Call of the Simpsons
> --
> Michael Torrie <torriem@xxxxxxxxxxxx>

--
Michael Torrie <torriem@xxxxxxxxxxxx>

--
Shrike-list mailing list
Shrike-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/shrike-list
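
A check for the point made in the quoted message, added here as an example and not part of the original thread: it reads an `iptables-save` dump and lists which NetBIOS/SMB ports a gateway still forwards in a given direction. The port list (137-139 and 445), the interface names and the sample ruleset are assumptions constructed for illustration.

```python
# NetBIOS name (137), datagram (138), session (139) and direct-hosted SMB (445).
# Assumption: these are "the ports in question"; the message does not list them.
PORTS = (137, 138, 139, 445)
PROTOS = ("tcp", "udp")
# Options a plain port-blocking rule may carry; anything else narrows the rule.
ALLOWED = {"-A", "-i", "-p", "-m", "--dport", "--dports", "-j", "--reject-with"}

# Constructed iptables-save excerpt: eth0 = Internet side, eth1 = LAN side.
SAMPLE = """\
*filter
:FORWARD ACCEPT [0:0]
-A FORWARD -i eth0 -p tcp -m multiport --dports 137:139,445 -j DROP
-A FORWARD -i eth0 -p udp -m multiport --dports 137:139,445 -j DROP
-A FORWARD -i eth1 -p tcp --dport 139 -j DROP
-A FORWARD -i eth1 -p tcp --dport 445 -j REJECT --reject-with tcp-reset
COMMIT
"""

def expand_ports(spec):
    """Expand a numeric port spec such as '137:139,445' into a set of ints."""
    ports = set()
    for part in spec.split(","):
        lo, sep, hi = part.partition(":")
        first = int(lo or 0)
        last = int(hi) if hi else (65535 if sep else first)
        ports.update(range(first, last + 1))
    return ports

def uncovered(ruleset, in_iface):
    """List (proto, port) pairs entering on in_iface that no FORWARD rule blocks.

    Rule order and earlier ACCEPT rules are not evaluated (simplification).
    """
    missing = {(pr, po) for pr in PROTOS for po in PORTS}
    for line in ruleset.splitlines():
        tok = line.split()
        if tok[:2] != ["-A", "FORWARD"] or "!" in tok:
            continue  # other chains, table headers, negated matches
        opt = {t: tok[i + 1] for i, t in enumerate(tok[:-1]) if t.startswith("-")}
        if set(opt) - ALLOWED or opt.get("-j") not in ("DROP", "REJECT"):
            continue  # extra matches (-s, -d, --state ...) do not count as a block
        if opt.get("-i", in_iface) != in_iface:
            continue  # rule is bound to a different inbound interface
        protos = PROTOS if opt.get("-p", "all") == "all" else (opt["-p"],)
        spec = opt.get("--dports") or opt.get("--dport")
        ports = expand_ports(spec) if spec else set(PORTS)
        missing -= {(pr, po) for pr in protos for po in ports}
    return sorted(missing)

if __name__ == "__main__":
    for name, iface in (("inbound", "eth0"), ("outbound", "eth1")):
        print(name, uncovered(SAMPLE, iface))
```

On the sample, the inbound direction comes back empty while the outbound direction still lists six protocol/port pairs, which is the gap the quoted message warns about.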