It's also key to stopping many of the Code Red and SQL Slammer type viruses. If SQL outgoing ports had been closed on most firewalls, that would have slowed it down quickly.

Gary

-----Original Message-----
From: netfilter-bounces@xxxxxxxxxxxxxxxxxxx [mailto:netfilter-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of Jose Maria Lopez
Sent: Saturday, January 15, 2005 2:20 PM
To: netfilter@xxxxxxxxxxxxxxxxxxx
Subject: Re: ever block *outgoing* packets on your firewall?

On Fri, 14 Jan 2005 at 21:02, seberino@xxxxxxxxxxxxxxx wrote:
> I'm wondering if it is ever necessary to block
> *outgoing* packets at your firewall.
>
> As long as you block /incoming/ carefully no hacker
> on the Internet can send spam through a node on
> your network or anything nasty like that right?
>
> (I'm wondering for a wifi hotspot if any nastiness
> will happen if I don't block outgoing. I block
> virtually all incoming except ssh.)
>
> CS

You *really* need to block outgoing traffic at your firewall.
Think about spyware, malware and the like. They can be sending
your company data to their owners. And users can use
firewall-piercing and proxies to bypass your network rules
if you let them do whatever they want.

--
Jose Maria Lopez Hernandez
Technical Director, bgSEC
jkerouac@xxxxxxxxx
bgSEC Seguridad y Consultoria de Sistemas Informaticos
http://www.bgsec.com
SPAIN

The only people for me are the mad ones -- the ones who are mad to live,
mad to talk, mad to be saved, desirous of everything at the same time,
the ones who never yawn or say a commonplace thing, but burn, burn, burn
like fabulous yellow Roman candles.
                -- Jack Kerouac, "On the Road"
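The default-deny egress policy argued for in this thread, sketched for the wifi hotspot case as an added example that is not part of the original messages. The interface names (wlan0, eth0) and the allowed-port lists are assumptions; the script only prints rules in iptables-restore format and changes nothing on the host.

```shell
#!/bin/sh
# Added example: default-deny egress for clients behind a hotspot gateway.
# LAN_IF, WAN_IF and the allowed port lists are assumptions for illustration.
LAN_IF="${LAN_IF:-wlan0}"          # interface facing hotspot clients (assumed)
WAN_IF="${WAN_IF:-eth0}"           # interface facing the Internet (assumed)
ALLOW_TCP="${ALLOW_TCP:-80 443}"   # outbound TCP services clients may reach
ALLOW_UDP="${ALLOW_UDP:-53}"       # outbound UDP services clients may reach

# Print FORWARD-chain rules in iptables-restore format.
egress_rules() {
    echo '*filter'
    # Policy DROP: anything not explicitly accepted below never leaves.
    echo ':FORWARD DROP [0:0]'
    # Replies to connections that were allowed out.
    echo '-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    for p in $ALLOW_TCP; do
        echo "-A FORWARD -i $LAN_IF -o $WAN_IF -p tcp --dport $p -j ACCEPT"
    done
    for p in $ALLOW_UDP; do
        echo "-A FORWARD -i $LAN_IF -o $WAN_IF -p udp --dport $p -j ACCEPT"
    done
    # Everything else from clients is logged (rate-limited) and then dropped
    # by the chain policy. That covers direct SMTP (25/tcp) and the MS SQL
    # ports (1433/tcp, 1434/udp) that a Slammer-type worm would use.
    echo "-A FORWARD -i $LAN_IF -m limit --limit 6/min -j LOG --log-prefix \"egress-drop: \""
    echo 'COMMIT'
}

# Return 0 if the generated policy lets clients reach proto/port, else 1.
egress_allows() {
    egress_rules | grep -q -- "-p $1 --dport $2 -j ACCEPT"
}

egress_rules
```

To parse-check the output before loading it, pipe it as root into `iptables-restore --test`; load it with `--noflush` so existing INPUT rules (such as the ssh exception) are kept.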