Re: What's the point of not allowing all outgoing traffic by default?
- From: Ansgar -59cobalt- Wiechers <usenet-2007@xxxxxxxxxxxxxxxx>
- Date: 24 May 2007 13:22:59 GMT
linuxlover992000@xxxxxxxxx wrote:
> I have a small home network comprised of Windows and Linux PCs. I am
> not serving anything to the internet. That is, all incoming traffic is
> blocked.
>
> On the other hand, up until now, I allow outgoing on a case (port/
> service) by case basis. That is, up until now I add yet another port
> range to the list of allowed ports/services whenever I discover
> another application that needs it.
>
> As time goes by, I discover now that I accumulated a long list of
> "allow" that amounts to *almost* opening all ports... which brings
> the obvious question: why make it so complicated and tedious, when I
> can simply allow all outbound traffic and be done with all the hassle?
>
> Nowadays when client PCs use so many services that practically require
> opening all outgoing ports, it seems that the classic rule of thumb of
> "First disallow everything by default, then only allow those needed"
> is simply outdated.
>
> Am I missing something?

Yes. Since you're in control of your internal network the reasonable
measure against unwanted outbound traffic is not to block that traffic,
but to eliminate its source.
cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich