On Fri, Jan 14, 2005 at 12:02:28PM -0800, seberino@xxxxxxxxxxxxxxx wrote:
>
> I'm wondering if it is ever necessary to block
> *outgoing* packets at your firewall.
>
> As long as you block /incoming/ carefully no hacker
> on the Internet can send spam through a node on
> your network or anything nasty like that right?
>
> (I'm wondering for a wifi hotspot if any nastiness
> will happen if I don't block outgoing. I block
> virtually all incoming except ssh.)

i run a default DROP policy on the OUTPUT chain of my firewalls and only
allow out necessary traffic (DNS, HTTP/FTP to update servers, NTP, etc).
but i'm pretty odd when it comes to these things--i don't know how
necessary it is. the one nice side-effect is that it keeps me from doing
something stupid when i'm ssh-ed into a firewall.

-j
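
The egress policy described in the reply above, as an added example that is not part of the original message: a shell function that emits an iptables-restore ruleset with a default DROP on OUTPUT and an allow list for DNS, NTP and HTTP/FTP to an update server. The function name, the two server addresses (constructed, from documentation ranges), the log prefix and the FORWARD policy are assumptions.

```shell
#!/bin/sh
# Added example: generate a default-DROP egress ruleset for the firewall host.
# Both addresses are constructed placeholders (RFC 5737 documentation ranges).
DNS_SERVER="${DNS_SERVER:-192.0.2.53}"
UPDATE_SERVER="${UPDATE_SERVER:-198.51.100.10}"

# Print the ruleset in iptables-restore format; nothing is applied here.
egress_ruleset() {
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]
# Inbound: loopback, replies to our own traffic, new ssh sessions.
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
# Outbound: loopback first, then replies on already-accepted connections.
# Without the ESTABLISHED rule the ssh session used to administer the
# firewall would hang as soon as the OUTPUT policy becomes DROP.
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# DNS to the configured resolver only (UDP, plus TCP for large answers).
-A OUTPUT -p udp -d ${DNS_SERVER} --dport 53 -j ACCEPT
-A OUTPUT -p tcp -d ${DNS_SERVER} --dport 53 -j ACCEPT
# NTP time sync.
-A OUTPUT -p udp --dport 123 -j ACCEPT
# HTTP and FTP control channel to the update server only. FTP data
# connections match RELATED only when the conntrack FTP helper is in use.
-A OUTPUT -p tcp -d ${UPDATE_SERVER} -m multiport --dports 21,80 -j ACCEPT
# Log whatever falls through to the DROP policy, rate limited.
-A OUTPUT -m limit --limit 6/min -j LOG --log-prefix "egress-drop: "
COMMIT
EOF
}

# Print the ruleset when called as: sh egress.sh print
if [ "${1:-}" = "print" ]; then
    egress_ruleset
fi
```

Piping the output to `iptables-restore --test` as root parses the ruleset without committing it, which is a safer first step than loading it over a live ssh session.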