Re: How to tell if a Linux machine is a zombie?
On Mon, Jan 08, 2007 at 10:35:10PM -0800, Paul Johnson wrote:
> James Stevenson wrote:
>
> >> If I understand the matter correctly, a firewall can protect only
> >> against incoming messages, and is useless against spyware which
> >> "phones home" or zombie-ware which spews email spam.
> >
> > Not totally correct. A firewall is only as good as the traffic that is
> > permitted to flow across it. If you want to block something from phoning
> > home then yes you can block outbound traffic as well.
>
> Blocking outbound traffic on specific ports is the advisable method.
> Wholesale blocking outbound traffic might make it interesting to get
> internet connectivity.
I use shorewall with default block everything all directions then open
things up as needed.
The important thing is to read the great shorewall-doc.
Doug.
Reply to: