> If your firewall doesn't allow outbound http requests they can't fetch > the backdoor program. If you don't allow inbound connections on any > port other than 80, they they can't get to a shell even if they did > install and run their backdoor program. The same script flaw is still > there, but behind a strict firewall it's almost impossible to do > anything with it.
This is a very good point and highlights why egress filtering is just as important and ingress. Steve Bremer NEBCO, Inc.
