On Mon, Jan 08, 2007 at 10:35:10PM -0800, Paul Johnson wrote: > James Stevenson wrote: > > >> If I understand the matter correctly, a firewall can protect only > >> against incoming messages, and is useless against spyware which > >> "phones home" or zombie-ware which spews email spam. > > > > Not totally correct. A firewall is only as good as the traffic that is > > permitted to flow across it. If you want to block something from phoning > > home then yes you can block outbound traffic as well. > > Blocking outbound traffic on specific ports is the advisable method. > Wholesale blocking outbound traffic might make it interesting to get > internet connectivity.
I use shorewall with default block everything all directions then open things up as needed. The important thing is to read the great shorewall-doc. Doug. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
