On Wed, May 10, 2006 at 06:22:11PM -0700, Mark Jayson Alvarez wrote: > Hi, > > I've seen most people allow all outgoing traffic > originating from the firewall itself... Is this really > recommended?? What if the machine have been > compromised and the intruder have installed a program > that let's him access the machine remotely by having > the program itself to initiate the outgoing connection > to him thus defying the incoming connection firewall > ruleset...
If that's of concern to you (and it is, I reckon, a valid concern), then you should certainly look into blocking outgoing connections from your firewall. It depends on what you consider to be acceptable risk. Dan -- Daniel Bye PGP Key: http://www.slightlystrange.org/pgpkey-dan.asc PGP Key fingerprint: D349 B109 0EB8 2554 4D75 B79A 8B17 F97C 1622 166A _ ASCII ribbon campaign ( ) - against HTML, vCards and X - proprietary attachments in e-mail / \
Description: PGP signature