On Sep 24, 2004, at 10:05 AM, Lloyd H. Meinholz wrote:
> On a similar note, does it make any sense for me to limit outgoing ports
> on my workstation's firewall? We have some limits on our network firewall
> and I have no control over that. I'm having some issues getting my
> iptables rules working correctly on my workstation, especially Samba (so
> I can print to our Windows print server) and am debating what I am
> actually accomplishing by filtering outgoing traffic from my
> workstation.
>
> Right now, I'm of the opinion that filtering outgoing ports from my
> workstation really only accomplishes reassuring myself that nothing that
> I don't know of is getting out of my box and that I'm learning
> iptables... :) If I were selling it I could say that I am trying to
> limit and contain any potential security breach to my workstation. Is
> there something else I'm missing?

The intent is good, but the theory is partially flawed in practice. Imagine if you're rooted, what would stop the intruder from simply rewriting your ruleset? Of course, this would still be a good idea to stop potential userland applications from doing Bad Things (TM) that you're unaware of.
-- Jason Dixon, RHCE DixonGroup Consulting http://www.dixongroup.net
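
The workstation egress policy discussed in this thread, as an added example that is not part of either poster's message: a default-deny OUTPUT chain that still permits DNS and SMB printing to one server, plus a summary of what the deny rule logged. The function names, addresses and log lines are constructed assumptions.

```shell
#!/bin/sh
# Added example. Addresses are constructed (RFC 5737 documentation ranges).

# Shape check only, so nothing but a dotted quad is spliced into a rule.
is_ipv4() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$'
}

# Emit iptables-restore input for the OUTPUT chain: default-deny egress,
# allow DNS and SMB printing to one server, log and reject the rest.
gen_egress_rules() {   # $1 = print server, $2 = DNS server (assumed names)
    is_ipv4 "$1" && is_ipv4 "$2" || return 1
    cat <<EOF
*filter
:OUTPUT DROP [0:0]
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -p udp -d $2 --dport 53 -j ACCEPT
-A OUTPUT -p tcp -d $2 --dport 53 -j ACCEPT
-A OUTPUT -p tcp -d $1 -m multiport --dports 139,445 -j ACCEPT
-A OUTPUT -m limit --limit 6/min -j LOG --log-prefix "EGRESS-DENY " --log-uid
-A OUTPUT -j REJECT --reject-with icmp-admin-prohibited
COMMIT
EOF
}

# Constructed kernel log lines in the format the LOG rule above produces.
sample_log() {
    cat <<'EOF'
Sep 24 10:11:01 ws kernel: EGRESS-DENY IN= OUT=eth0 SRC=192.0.2.10 DST=198.51.100.7 LEN=60 PROTO=TCP SPT=40001 DPT=6667 SYN UID=500 GID=500
Sep 24 10:11:07 ws kernel: EGRESS-DENY IN= OUT=eth0 SRC=192.0.2.10 DST=198.51.100.7 LEN=60 PROTO=TCP SPT=40002 DPT=6667 SYN UID=500 GID=500
Sep 24 10:12:30 ws kernel: EGRESS-DENY IN= OUT=eth0 SRC=192.0.2.10 DST=203.0.113.25 LEN=60 PROTO=TCP SPT=40003 DPT=25 SYN UID=99 GID=99
EOF
}

# Count denied attempts per (uid, destination, port), busiest first.
summarize_denied() {
    awk '/EGRESS-DENY/ {
        dst = dpt = uid = "-"
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^DST=/) dst = substr($i, 5)
            if ($i ~ /^DPT=/) dpt = substr($i, 5)
            if ($i ~ /^UID=/) uid = substr($i, 5)
        }
        n[uid " " dst " " dpt]++
    }
    END { for (k in n) print n[k], k }' | sort -rn
}
```

The generated text is meant to be reviewed and then loaded with `iptables-restore`; the rules constrain unprivileged processes only, since a process running as root can replace them.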