In this age of Internet worms, more needs to be done at an organization level. Nearly all worms today will infect a server on a particular network listening port and then will attempt to propagate itself out to other vulnerable servers. However, while most of these servers may have a legitimate reason for listening on the port (such as TCP port 80 for a web server), this same web server should not need to send out requests to other web servers. The concept is the same for a server that has been taken over by a malicious attacker – an organization has the ability to limit what an attacker can launch from an exploited box to other companies and organizations. This article will address securing the edge firewall for not only incoming traffic, but outgoing traffic as well.
Firewalls have become an essential tool in the fight against hackers and malicious activities. However, an improperly located, configured, or monitored firewall can give a false sense of security for the organization. Simply placing a firewall and blocking access into the network is only one step in battle. This paper will also address some additional steps necessary to better protect yourself and prevent an exploited box from becoming a platform for attack or the latest warez server.
This document is in PDF format. To view it click here.