
Re: How to tell if a Linux machine is a zombie?



On Mon, Jan 08, 2007 at 02:51:38PM -0500, Kevin Mark wrote:
> On Mon, Jan 08, 2007 at 01:13:01PM -0600, Russell L. Harris wrote:
> > 
> > My LAN is protected by a machine running SmoothWall Express 2.0,
> > acting as a firewall and router.  Would an internal firewall package be
> > useful in this environment?
> Many folks like that one. I use shorewall. You can always block outgoing
> ports that you don't use. If you don't run an ftp server, block port 20
> and 21, etc.
> 
That is why I really like the "default deny" mentality.  Start by
blocking all incoming and outgoing new connections.  Allow only incoming
connections for services that you know you are running.  Allow only
outbound connections for things you know you want to do.  If you only
browse the web and use ssh, then only allow those ports.  Many badware
applications use port 80 or port 443, since those are very rarely
blocked.  For bonus points, block those and set up an authenticating
proxy.

Regards,

-Roberto

-- 
Roberto C. Sanchez
http://people.connexer.com/~roberto
http://www.connexer.com

Attachment: signature.asc
Description: Digital signature
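
The default-deny policy described in the message above, as an added example that is not part of the original post: a shell function that emits an iptables-restore ruleset dropping all new inbound and outbound connections except the listed ports. The function name, the port lists, the outbound DNS allowance and the log prefix are assumptions of this example.

```shell
# Emit an iptables-restore ruleset implementing "default deny" both ways.
#   $1  space-separated TCP ports of services this host runs (inbound)
#   $2  space-separated TCP ports this host may connect out to
default_deny_rules() {
    in_ports=$1; out_ports=$2
    # Refuse anything that is not a valid port number, so a typo cannot
    # silently produce a malformed rule.
    for p in $in_ports $out_ports; do
        case $p in
            ''|*[!0-9]*) echo "invalid port: $p" >&2; return 1 ;;
        esac
        [ "$p" -ge 1 ] && [ "$p" -le 65535 ] || { echo "invalid port: $p" >&2; return 1; }
    done
    echo '*filter'
    # Default policy: drop everything not explicitly allowed below.
    echo ':INPUT DROP [0:0]'
    echo ':FORWARD DROP [0:0]'
    echo ':OUTPUT DROP [0:0]'
    # Loopback traffic, and packets of connections already allowed.
    echo '-A INPUT -i lo -j ACCEPT'
    echo '-A OUTPUT -o lo -j ACCEPT'
    echo '-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT'
    echo '-A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT'
    # New inbound connections only to services known to be running.
    for p in $in_ports; do
        echo "-A INPUT -p tcp --dport $p -m state --state NEW -j ACCEPT"
    done
    # New outbound connections only to the ports actually in use.
    for p in $out_ports; do
        echo "-A OUTPUT -p tcp --dport $p -m state --state NEW -j ACCEPT"
    done
    # Assumption: outbound DNS is needed, or name resolution breaks.
    echo '-A OUTPUT -p udp --dport 53 -m state --state NEW -j ACCEPT'
    # Log outbound traffic the policy is about to drop; unexpected
    # outbound attempts can indicate a compromised host.
    echo '-A OUTPUT -m limit --limit 6/min -j LOG --log-prefix "OUT-DENY: "'
    echo 'COMMIT'
}

# Constructed usage: a host running sshd whose user browses the web and uses ssh.
#   default_deny_rules "22" "22 80 443" | iptables-restore    (requires root)
```

Review the generated rules before loading them, and apply them from a local console so a mistake in the inbound list does not cut off remote access.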

