[jadmin] iptables and Jabber

Benjamin Podszun ben at galactic-tales.de
Mon Mar 12 15:27:03 CDT 2007


Matthias Wimmer <m at tthias.eu> wrote:
>Hi Markus!
>
>Markus Meyer wrote:
>> Since this would be for me like the work Sisyphus has done, I think I'll
>> set up a rule that allows traffic for ports 5260-5269. A quick view
>> showed me that if SRV records are used the above are the used
>> ports (mostly). So thanks for all the answers and the destroyed hope that
>> assigned ports are like a standard ;)
>
>Why do you filter outgoing connections at all?

That's reasonable and should be done all the time, imo. Why? 
1) To minimize the impact of any intrusion, which has to connect to the
outside most of the time (think: Remote shell on Port X. Download malware
from somewhere. Join a botnet in channel #foobar etc.). You might get
infected/compromised, but the stuff might be dead code on your machine.

2) Control. I want to specify where each app might connect to.

Regards,
Ben
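
An added example, not part of Ben's message or the thread: one way to express both points (default-deny egress, and per-application control) as an iptables-restore ruleset for the 5260-5269 range discussed above. The service account name `jabber`, the resolver address 192.0.2.53 and the log prefix are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: print an iptables-restore ruleset that drops outbound
# traffic by default and lets only the Jabber daemon's account open new
# connections to the s2s port range mentioned in the thread.
# Assumed, not from the thread: account "jabber", resolver 192.0.2.53.

egress_rules() {
    user="${1:-jabber}"          # assumed service account of the daemon
    ports="${2:-5260:5269}"      # port range from the thread
    resolver="${3:-192.0.2.53}"  # constructed resolver address
    cat <<EOF
*filter
:OUTPUT DROP [0:0]
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -d $resolver -p udp --dport 53 -j ACCEPT
-A OUTPUT -d $resolver -p tcp --dport 53 -j ACCEPT
-A OUTPUT -p tcp --dport $ports -m owner --uid-owner $user -m conntrack --ctstate NEW -j ACCEPT
-A OUTPUT -m limit --limit 6/min -j LOG --log-prefix "egress-denied: "
COMMIT
EOF
}

# Print the ruleset; review it, then check it with
#   egress_rules | iptables-restore --test
# before loading it as root.
egress_rules "$@"
```

The owner match only applies to locally generated packets, so it belongs in OUTPUT; anything another account or process tries to send falls through to the rate-limited LOG rule and the DROP policy, which gives a record of unexpected outbound attempts.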
