Re: How to tell if a Linux machine is a zombie?

To: debian-user@lists.debian.org
Subject: Re: How to tell if a Linux machine is a zombie?
From: Douglas Tutty <dtutty@porchlight.ca>
Date: Tue, 9 Jan 2007 09:05:27 -0500
Message-id: <[🔎] 20070109140527.GB1294@pluto>
In-reply-to: <[🔎] ulpb74xfqt.ln2@ursa-major.ursine.ca>
References: <[🔎] 20070108191301.GA555@cromwell.tmiaf> <[🔎] 03e301c7337e$a268c6e0$0500ac0a@slider> <[🔎] ulpb74xfqt.ln2@ursa-major.ursine.ca>

On Mon, Jan 08, 2007 at 10:35:10PM -0800, Paul Johnson wrote:
> James Stevenson wrote:
> 
> >> If I understand the matter correctly, a firewall can protect only
> >> against incoming messages, and is useless against spyware which
> >> "phones home" or zombie-ware which spews email spam.
> > 
> > Not totally correct. A firewall is only as good as the traffic that is
> > permitted to flow across it. If you want to block something from phoning
> > home then yes you can block outbound traffic as well.
> 
> Blocking outbound traffic on specific ports is the advisable method. 
> Wholesale blocking outbound traffic might make it interesting to get
> internet connectivity.

I use shorewall with default block everything all directions then open
things up as needed.

The important thing is to read the great shorewall-doc.

Doug.

Reply to:

Follow-Ups:
- Re: How to tell if a Linux machine is a zombie?
  - From: Paul Johnson <baloo@ursine.ca>

References:
- How to tell if a Linux machine is a zombie?
  - From: "Russell L. Harris" <rlharris@oplink.net>
- RE: How to tell if a Linux machine is a zombie?
  - From: "James Stevenson" <james@stev.org>
- RE: How to tell if a Linux machine is a zombie?
  - From: Paul Johnson <baloo@ursine.ca>

Prev by Date: Re: dial up connection
Next by Date: Re: How to create a debian-Cd like a standard
Previous by thread: RE: How to tell if a Linux machine is a zombie?
Next by thread: Re: How to tell if a Linux machine is a zombie?
Index(es):
- Date
- Thread