On Thu, May 03, 2001 at 01:31:22PM -0400, Derek Glidden wrote:
> Oskar Sandberg wrote:
> >
> > On Thu, May 03, 2001 at 11:22:00AM -0400, Derek Glidden wrote:
> > <>
> > > Most firewalls nowadays, or at least the ones being managed by competent
> > > admins, take a "Deny by default" approach. In other words, not only on
> > > inbound but also on outbound connections, *all* connections are denied
> > > unless explicitly approved.
> >
> > What possible reason is there to do that short of fucking with your users?
> > I mean, it isn't even going to help against troyans, since any troyan
> > worth a damn that gets in will call out using port 80 these days (if not
> > otherwise then not to be spotted).
>
> It's called "security." I would venture to say that most
> companies/corporations over a couple of dozen people, and even smaller
> ones with competent security administrators operate this way. Smaller
