|
||||||||
'Port Knocking' is another alternative for selectively opening ports. On Dec 13, 2009, at 14:18, Chris Buechler wrote: > On Sun, Dec 13, 2009 at 5:13 AM, Quark Group - Hilton Travis > <Hilton at quarkgroup dot com dot au> wrote: >> G'day Robert, >> >> So, you're saying that the ability for any app to open a port on >> your firewall when it wants is a way to increase security? Sorry, >> not in my world it isn't. What stops malware opening ports in > a >> UPnP device? UPnP has *no* place on a security device. >> > > A legit argument can be made that having the ports open only when > necessary is better than having them open always. A good upnp > implementation that allows you to limit which hosts and which ports > can be used eliminates the concerns about having things opened that > shouldn't be. In combination with the ability to not always have those > things open, it really can be more secure than the alternative, having > the same things open always whether or not they're being used. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch > |