What's the point of not allowing all outgoing traffic by default?

---

• From: linuxlover992000@xxxxxxxxx
• Date: 23 May 2007 22:13:22 -0700

---

I have a small home network comprised of Windows and Linux PCs. I am
not serving anything to the internet. That is, all incoming traffic is
blocked blocked.

On the other hand, up until now, I allow ougtoing on a case (port/
service) by case basis. That is, up until now I add yet another port
range to the list of allowed ports/services whenever I discover
another application that needs it.

As time goes by, I discover now that I accumulated a long list of
"allow" that amounts to *almost* openning all ports... which brings
the obvious question: why make it so complicated and tedious, when I
can simply allow all outbound traffic and be done with all the hassle?

Nowdays when client PCs use so many services that practically require
opening all outgoing ports, it seems that the classic rule of thumb of
"First disallow everything by default, then only allow those needed"
is simply outdated.

Am I missing something?

Thanks,
Lynn

.

---

• Follow-Ups:
  • Re: What's the point of not allowing all outgoing traffic by default?
    • From: Leythos
  • Re: What's the point of not allowing all outgoing traffic by default?
    • From: Ramon F Herrera
  • Re: What's the point of not allowing all outgoing traffic by default?
    • From: flamer die.spam@xxxxxxxxxxx
  • Re: What's the point of not allowing all outgoing traffic by default?
    • From: flamer die.spam@xxxxxxxxxxx
  • Re: What's the point of not allowing all outgoing traffic by default?
    • From: Moe Trin
  • Re: What's the point of not allowing all outgoing traffic by default?
    • From: Sebastian G.
  • Re: What's the point of not allowing all outgoing traffic by default?
    • From: AMR
  • Re: What's the point of not allowing all outgoing traffic by default?
    • From: Ansgar -59cobalt- Wiechers

• Prev by Date: Re: Router Setup - What do YOU use for your router's name? Why?
• Next by Date: Re: What's the point of not allowing all outgoing traffic by default?
• Previous by thread: Re: Router Setup - What do YOU use for your router's name? Why?
• Next by thread: Re: What's the point of not allowing all outgoing traffic by default?
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Damn you, FEDEX! or Nikon D40 lost in Springfield, MO blackhole. ... the 2 mp Mavica he had been using with a Nikon D40. ... After shopping around, he got me to order one for him. ... The shipper had it insured, but from what I have read it could take weeks to sort this crap out. ... You may get your insurance from FedEx and a couple weeks later they find it and deliver it. ... (alt.photography) Re: Please help with Linux to ISA migration ... no internet on local PCs ... i want to replace both Linux PCs and i'd like to use one ISA for all the stuff (incl. ... Do you want to keep the Internet access the same way, ... Is there a reason why you cannot go all the way, since you're replacing the Linux firewall, and use ISA for VPN? ... (microsoft.public.isa) Re: The Sci-Fi Rejection Letter That Time Forgot ... nations have stockpiled arsenals of these incredible bombs and the time the story is set. ... (rec.arts.sf.written) RE: copied music cds have a skip in last 18 seconds ... If installing all missing Windows Updates doesn't fix your problem ... xiowan.......in tucson ... (microsoft.public.windows.mediacenter)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > comp.security.firewalls  > 2007-05