From owner-freebsd-questions@FreeBSD.ORG Thu May 11 01:30:32 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 134F216A419 for ; Thu, 11 May 2006 01:30:32 +0000 (UTC) (envelope-from danielby@slightlystrange.org) Received: from catflap.slightlystrange.org (cpc6-cmbg1-0-0-cust82.cmbg.cable.ntl.com [82.10.236.83]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8279643D45 for ; Thu, 11 May 2006 01:30:31 +0000 (GMT) (envelope-from danielby@slightlystrange.org) Received: from danielby by catflap.slightlystrange.org with local (Exim 4.62 #0) id 1Fe00c-000FzZ-6d by authid for ; Thu, 11 May 2006 02:30:30 +0100 Date: Thu, 11 May 2006 02:30:30 +0100 From: Daniel Bye To: freebsd-questions@freebsd.org Message-ID: <20060511013029.GA5531@catflap.slightlystrange.org> Mail-Followup-To: freebsd-questions@freebsd.org References: <20060511012211.12062.qmail@web51610.mail.yahoo.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="ZGiS0Q5IWpPtfppv" Content-Disposition: inline In-Reply-To: <20060511012211.12062.qmail@web51610.mail.yahoo.com> User-Agent: Mutt/1.4.2.1i X-SA-Exim-Connect-IP: X-SA-Exim-Mail-From: danielby@slightlystrange.org X-SA-Exim-Scanned: No (on catflap.slightlystrange.org); SAEximRunCond expanded to false Subject: Re: Is it recommended to allow all outgoing connections from your firewall?? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Daniel Bye List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 11 May 2006 01:30:32 -0000 --ZGiS0Q5IWpPtfppv Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, May 10, 2006 at 06:22:11PM -0700, Mark Jayson Alvarez wrote: > Hi, >=20 > I've seen most people allow all outgoing traffic > originating from the firewall itself... Is this really > recommended?? What if the machine have been > compromised and the intruder have installed a program > that let's him access the machine remotely by having > the program itself to initiate the outgoing connection > to him thus defying the incoming connection firewall > ruleset... If that's of concern to you (and it is, I reckon, a valid concern), then you should certainly look into blocking outgoing connections from your firewall. It depends on what you consider to be acceptable risk. Dan --=20 Daniel Bye PGP Key: http://www.slightlystrange.org/pgpkey-dan.asc PGP Key fingerprint: D349 B109 0EB8 2554 4D75 B79A 8B17 F97C 1622 166A _ ASCII ribbon campaign ( ) - against HTML, vCards and X - proprietary attachments in e-mail / \ --ZGiS0Q5IWpPtfppv Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (FreeBSD) iD8DBQFEYpO1ixf5fBYiFmoRAnOaAJ4rbgppGR0YkVAn4/cedLMlMMJ/yACferib 1ZWk28rtukBHB9PA+SGfMqc= =TAii -----END PGP SIGNATURE----- --ZGiS0Q5IWpPtfppv--