Hacker News

Dylan16807 today at 5:56 AM

Why would anyone configure it to do that?

Like, I understand the really restrictive ones that only allow web browsing. But why allow outgoing ssh to port 22 but not other ports? Especially when port 22 is arguably the least secure option. At that point let people connect to any port except for a small blacklist.


Replies

josephcsible today at 6:03 AM

Middlebox operators aren't known for making reasonable or logical decisions.

9dev today at 6:43 AM

Asking back, when I limit the outgoing connections from a network, why would I account for any nonstandard port and make the ruleset unwieldy, just in case someone wanted to do something clever?

otterley today at 5:59 AM

I’m not a network security expert, so I don’t know the threat model. I just know that this is a thing companies do sometimes.