Re: netfilter against Trojans and worms

On Monday 05 July 2004 14:59, Saad Faruque wrote:

> I did find a couple of sites, e.g.
> (http://www.doshelp.com/trojanports.htm), which list some ports. But I
> really am not sure, if you simply block all these ports, whether it will
> affect my clients' regular internet activity. Any alternative suggestions
> are also welcome :)

My suggestion would be to stop fire-fighting and instead turn the problem on its 
head.

Change your default policy from ACCEPT to DROP, and put in rules so that 
people are allowed to access port 80, 443, etc. and only the ports they 
actually NEED access to.

Cheers,
Gavin.
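
The default-DROP approach suggested above, as an added example that is not part of the original message: a shell function that prints (and does not apply) the FORWARD-chain commands for a gateway in front of clients. The interface names, the DNS rules, the logging rule and the port list are assumptions made for illustration.

```shell
#!/bin/sh
# Added illustration: print iptables commands for a default-deny FORWARD chain
# with a short allowlist. Nothing is applied; review the output before use.
# LAN_IF and WAN_IF are hypothetical interface names, not values from the thread.
LAN_IF="${LAN_IF:-eth1}"   # assumed client-facing interface
WAN_IF="${WAN_IF:-eth0}"   # assumed upstream interface

# gen_forward_rules "80 443 ..." : one iptables command per line on stdout.
# Returns 1 (after a message on stderr) if any port is not in 1..65535.
gen_forward_rules() {
    tcp_ports="$1"
    # Validate every port first so a typo never yields a half-built ruleset.
    for p in $tcp_ports; do
        case "$p" in
            *[!0-9]*) echo "invalid port: $p" >&2; return 1 ;;
        esac
        { [ "$p" -ge 1 ] && [ "$p" -le 65535 ]; } 2>/dev/null || {
            echo "port out of range: $p" >&2; return 1; }
    done
    new="-i $LAN_IF -o $WAN_IF -m conntrack --ctstate NEW -j ACCEPT"
    # Default policy: whatever is not explicitly allowed below is dropped.
    echo "iptables -P FORWARD DROP"
    echo "iptables -F FORWARD"
    # Replies to connections the clients opened; without this rule the
    # allowlisted ports would not work either.
    echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # Name resolution (assumed to be needed by every client).
    echo "iptables -A FORWARD -p udp --dport 53 $new"
    echo "iptables -A FORWARD -p tcp --dport 53 $new"
    # Only the TCP ports the clients actually need.
    for p in $tcp_ports; do
        echo "iptables -A FORWARD -p tcp --dport $p $new"
    done
    # Rate-limited log of client traffic about to hit the DROP policy: a host
    # that shows up here repeatedly on odd ports is worth inspecting.
    echo "iptables -A FORWARD -i $LAN_IF -m limit --limit 5/min -j LOG --log-prefix \"FWD-DROP: \""
}

# Stand-alone run: the two ports named in the message.
gen_forward_rules "80 443"
```

The log rule is what makes the inverted policy useful against Trojans: instead of guessing which ports to block, the gateway reports which clients are attempting connections outside the allowlist.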

