On Tue, Jan 09, 2007 at 11:23:56AM -0800, Paul Johnson wrote:
> Douglas Tutty wrote:
>
> > On Mon, Jan 08, 2007 at 10:35:10PM -0800, Paul Johnson wrote:
> >> James Stevenson wrote:
> >>
> >> >> If I understand the matter correctly, a firewall can protect only
> >> >> against incoming messages, and is useless against spyware which
> >> >> "phones home" or zombie-ware which spews email spam.
> >> >
> >> > Not totally correct. A firewall is only as good as the traffic that is
> >> > permitted to flow across it. If you want to block something from
> >> > phoning home then yes you can block outbound traffic as well.
> >>
> >> Blocking outbound traffic on specific ports is the advisable method.
> >> Wholesale blocking outbound traffic might make it interesting to get
> >> internet connectivity.
> >
> > I use shorewall with default block everything all directions then open
> > things up as needed.
>
> I bet you have a rule someplace that allows outgoing traffic that's part of
> an existing connection.

Not that I specifically put in. I __think__ that's part of the netfilter
stuff directly. I just checked my shorewall configs and there's nothing
there allowing anything from the net and very specific stuff out.

Doug.
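
The "default block everything, then open up as needed" policy and the existing-connection rule discussed in this thread, written out as a raw netfilter ruleset in iptables-restore format. This is an added example, not any poster's configuration and not Shorewall's generated output; the permitted outbound ports and the log prefixes are assumptions chosen for illustration.

```iptables
# Constructed example ruleset; load with: iptables-restore < this-file
*filter

# Default policy: drop everything in every direction.
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [0:0]

# Loopback traffic never leaves the host.
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT

# The rule in question: packets belonging to a connection that an
# earlier rule already permitted. Without these two lines the replies
# to allowed outbound connections die on the INPUT policy, and the
# follow-up outbound packets die on the OUTPUT policy.
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# "Very specific stuff out": only NEW connections to these services
# may be initiated from this host (ports are assumptions).
-A OUTPUT -p udp --dport 53 -m state --state NEW -j ACCEPT
-A OUTPUT -p tcp --dport 53 -m state --state NEW -j ACCEPT
-A OUTPUT -p tcp -m multiport --dports 80,443 -m state --state NEW -j ACCEPT

# Outbound SMTP is not permitted here. Log attempts before the policy
# drops them: unexpected port-25 traffic from a desktop is the usual
# sign of the spam-sending malware mentioned earlier in the thread.
-A OUTPUT -p tcp --dport 25 -m state --state NEW -m limit --limit 6/min -j LOG --log-prefix "OUT-SMTP-DENY: "

# Log any other outbound attempt that falls through to the DROP policy,
# which is where "phone home" traffic on unlisted ports shows up.
-A OUTPUT -m limit --limit 6/min -j LOG --log-prefix "OUT-DENY: "

COMMIT
```

No rule admits NEW connections on INPUT, so nothing is allowed in from the net; inbound packets are accepted only as replies to connections this host opened.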