In general, the greatest risks come from incoming services, not outgoing services. There are, however, some security risks with outgoing services as well. Control of outgoing services helps to protect your network from hostile acts within your organization. For example, when configuring the outgoing FTP service, you can make it read-only and/or restrict the destination hosts that can receive such a transmission. This prevents insiders from using FTP to transmit corporate secrets to a home computer or to a rival organization.
As another example, passwords used for some services (FTP, telnet, POP) are sent in the clear. If the passwords are the same as those used internally, a hacker can hijack that password and use it to gain access to your network.
Related topics:
Selecting Services for your Security Policy Objectives
Adding and Configuring Services
Copyright
© 1996 - 2003 WatchGuard Technologies, Inc. All rights reserved.
Legal Notice/Terms of Use