On Monday 05 July 2004 14:59, Saad Faruque wrote: > i did find couple of sites ex. > (http://www.doshelp.com/trojanports.htm) which lists some ports. but i > really am not sure if u simply block all these ports if it will effect > my clients regular internet activity. any alternative suggestions are > also welcome :) My suggestion would to stop fire-fighting and instead turn the problem on its head. Change your default policy from ACCEPT to DROP, and put in rules so that people are allowed to access port 80, 443, etc. and only the ports they actually NEED access to. Cheers, Gavin.
