Fortifying Your Firewalls
When people permit me to attach my notebook to their networks, I'm always polite. I don't scan, although I might run a sniffer to make a point during a demonstration. What impresses me the most when visiting another organization's network is a firewall configuration that prevents me from using Secure Shell (SSH) to visit my own network.
Most people view firewalls as devices charged with keeping attackers outside. Network and security administrators configure firewalls to block scanning, attacks, and other hostile activity from external networks, while permitting only restricted access to designated internal servers. But with just a little more work, those same firewalls can easily prevent additional attacks from succeeding - all by blocking arbitrary external accesses. For some servers, firewalls that block all outgoing connections will slow the spread of worms and even prevent an attack from succeeding.
[ Read more ]