>> >We have servers that could get infected via poorly written user scripts. I
>> >However the fact is that in REAL LIFE, you will have users that use bad
>scripts or even "good" scripts that have bugs (phpbb, etc, etc.).

Ah now I get it.

>I simply want to get a good ruleset to share so that anyone who might ever
>have a server compromised (even non-root, php-apache based stuff running as
>nobody) could help
>stop the outgoing bad traffic.

Hm, I'd probably try with

iptables -P OUTPUT DROP
iptables -A OUTPUT -j ACCEPT -m state --state ESTABLISHED,RELATED

Jan Engelhardt
--
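
An added example, not part of the thread or of the reply above: the suggested default-drop OUTPUT policy filled out into an ordered rule set that also allows loopback and DNS and logs new outbound connections from the web user. The `nobody` default, the 192.0.2.53 resolver, the log prefix, the empty OUTPUT chain and the `IPT` dry-run variable are assumptions.

```sh
#!/bin/sh
# Added example, not from the thread. Assumptions: the OUTPUT chain starts
# empty, web workers run as "nobody", the resolver address is constructed.
# IPT defaults to a dry run that prints the commands; set IPT=iptables
# (as root) to apply them.
IPT="${IPT:-echo iptables}"

apply_egress_policy() {
    web_user="${1:-nobody}"       # account the Apache/PHP workers run as
    resolver="${2:-192.0.2.53}"   # constructed address (documentation range)

    # Loopback traffic (local database, local MTA) is not egress.
    $IPT -A OUTPUT -o lo -j ACCEPT
    # Replies on connections that clients opened to this server.
    $IPT -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    # Name resolution, only towards the configured resolver.
    $IPT -A OUTPUT -p udp -d "$resolver" --dport 53 -m state --state NEW -j ACCEPT
    $IPT -A OUTPUT -p tcp -d "$resolver" --dport 53 -m state --state NEW -j ACCEPT
    # New outbound connections from the web user are logged for detection
    # before they fall through to the DROP policy.
    $IPT -A OUTPUT -m owner --uid-owner "$web_user" -m state --state NEW \
        -j LOG --log-prefix "egress-web-new: "
    # Policy goes last, so the accept rules already exist when DROP starts
    # applying and an open admin session is not interrupted.
    $IPT -P OUTPUT DROP
}

apply_egress_policy "$@"
```

Any other service that has to open outbound connections (mail relay, package updates) needs its own NEW accept rule ahead of the policy.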