Hello Blocking outgoing can be useful in several situations : - corporate network where you do not want people to send confidential information outside - public networks you do not want to be used for abuse / spam / hacking - simply control what is going out of your network - talking of hacking, some trojans / exploits can create outbound connections and defeat the firewall security if it doesn't care about outbound connections. See http://www.thc.org/papers/fw-backd.htm Another example, JPEG of Death reverse connect will connect outside just by viewing a jpeg file you downloaded (if you do not have patches ;] ) http://www.hackernews.com.br/arquivos/JpegOfDeathAll.c So I usually set up some control of outbound connections ;) Have a nice day Maxime Ducharme Programmeur / Spécialiste en sécurité réseau ----- Original Message ----- From: <seberino@xxxxxxxxxxxxxxx> To: <netfilter@xxxxxxxxxxxxxxxxxxx> Sent: Friday, January 14, 2005 3:02 PM Subject: ever block *outgoing* packets on your firewall? > > I'm wondering if it is ever necessary to block > *outgoing* packets at your firewall. > > As long as you block /incoming/ carefully no hacker > on the Internet can send spam through a node on > your network or anything nasty like that right? > > (I'm wondering for a wifi hotspot if any nastiness > will happen if I don't block outgoing. I block > virtually all incoming except ssh.) > > CS >
