Re: What's the point of not allowing all outgoing traffic by default?



Thank you all for your replies. My conclusion from all of this is that
it all boils down to effort vs. benefit.

What I forgot to mention is that the main reason I was asking this is
because my NETGEAR FVS328 router/firewall is so crappy (buggy) that I
need to re-think my old strategy:

Once upon a time I used to have my firewall running in a Linux box
(old PC consuming at least 150W). I then decided that I need to
conserve energy and purchased a NETGEAR FVS328 that consumes only 12W.

What an inferior product - in order for me to stay connected to the
Internet I need to reboot it every 2 weeks or so... Certainly the last
time I would ever buy a NETGEAR product. I am saying this not before I
have exhausted all their useless tech support.

So back to the original question: I discovered that when I disable
certain features in my NETGEAR router/firewall, the frequency of
required reboots tends to be lower. One of these features was logging
which has become completely unusable in this product. Also,
eliminating the numerous outbound rules could ease the pain on this
poor NETGEAR product. Lastly, maintaining rules in the NETGEAR FVS328
is so slow and painful - it seems that the theoretical risk in
allowing all outbound traffic is worthwhile - until I find a piece of
hardware that consumes 12W-15W and is able to run iptables, VPN, DNS
proxy, NTP server and some additional useful tools (emacs?).

Thank you all for your replies - you certainly helped me to make a
decision to allow all outbound traffic by default.

Lynn

On May 26, 11:18 am, AMR <sirus.co...@xxxxxxxxx> wrote:
Unless you're extremely bored and want to watch every single thing
coming out of your HOME network...

Allowing anything outbound and blocking your OWN subnet INBOUND is ALL
you need.

IF you're going to sit there and control every little thing coming out
of your HOME network you might as well just proxy your connections and
not even mess with firewalling the outbound traffic.

