Date: Thu, 11 May 2006 09:26:28 +0700 (ICT) From: Olivier Nicole <on@cs.ait.ac.th> To: jay2xra@yahoo.com Cc: freebsd-questions@freebsd.org Subject: Re: Is it recommended to allow all outgoing connections from your firewall?? Message-ID: <200605110226.k4B2QSd4085927@banyan.cs.ait.ac.th> In-Reply-To: <20060511012211.12062.qmail@web51610.mail.yahoo.com> (message from Mark Jayson Alvarez on Wed, 10 May 2006 18:22:11 -0700 (PDT)) References: <20060511012211.12062.qmail@web51610.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> I've seen most people allow all outgoing traffic > originating from the firewall itself... Is this really > recommended?? What if the machine have been A server being a server (and a firewall is nothing but a specific server) there is no reason one would run a client application from that machine. So I deny every outgoing connection from a server (only exceptions are the protocols used by the server to upgrade itself, http/ftp is allowd only through a proxy). This makes very little constraint and I make the server much safer knowing that one will not be able to read his mail or browse the web from that server. Best regards, Olivier
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200605110226.k4B2QSd4085927>