Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] Reasons against opening I-net access..

To: Joe Delsol <[email protected]>
Subject: Re: [FW1] Reasons against opening I-net access..
From: [email protected]
Date: Fri, 8 Sep 2000 14:54:33 +0200
Cc: "FW-1 List (E-mail)" <[email protected]>
Sender: [email protected]


Joe,

this is no reason to open up all outgoing TCP ports. I suggest making a
group like "standard services", containing things like http, ftp asf. and
as far as I know FW-1 is able to handle the re-direction to a high-numbered
port by an ftp server to a client still in a secure, statful fashion. Make
only so much "holes in your swiss cheese" as necessary is my gospel, when
dealing with service demands.

Cheers
Ralf G.


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: RE: [FW1] Reasons against opening I-net access..
Next by Date: Re: [FW1] Reasons against opening I-net access..
Previous by thread: Re: [FW1] Reasons against opening I-net access..
Next by thread: RE: [FW1] Reasons against opening I-net access..
Index(es):
- Date
- Thread