At 20:18 03/04/01 -0400, [EMAIL PROTECTED] wrote:
>This may seem like a good policy and easy to administer, but it takes just
>one trojan that gets in via an email and installs itself on a user's
>computer and starts transmitting the farm to the outside world and it's
>all over. Not to mention all the spyware that's out there that sends a lot
>of information out from your machine.
[PS. Please send only text messages. HTML, word and others are not easily
read by all of us]
While I agree on the principle of
- defining what is needed
- allowing only what is needed and safe
this is hard to do in practice.
Trojan horses can use legitimate ports like 80. So keeping safe is a hard
job, anyway.
If the guy hasn't asked, I would suggest that he use the "allow all
outbound" and then
improve it by checking what is not needed or not considered safe. But since
he asked
in the ML, he should now be more prudent....
cheers,
mouss
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
