Question about outgoing open ports in iptables
I just started setting up my iptables rules. Right now I have denied the outgoing connections to some websites; now I'll add the INPUT rules to only allow some ports, and then comes the last part, where I have doubts.
When browsing, outgoing connections are made on random ports. Should I block all ports and only allow one for outgoing connections? Will this slow browsing speed because the only open port will be busy? Does leaving all outgoing ports open imply any security risk?
Quote:
So if this is just a desktop machine that remains in one location with only one user then I'd just set the filter table OUTPUT chain policy to ACCEPT. To get a feel for what traffic leaves the machine you could watch network tools' output or add a "-j LOG" rule for, say, new outbound connections on certain ports alone, and add rules later on to tighten things up if you want to.
Quote:
Code:
iptables-save > /tmp/output.txt
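The logging approach suggested in the reply, as an added example that is not part of the original thread: the commented rules log new outbound TCP connections, and the function tallies the resulting kernel log lines by destination so you can see what to allow before tightening OUTPUT. The `OUT-NEW: ` prefix, the port list, the function names and the sample log lines are assumptions constructed for this example; note in the sample that the source port (SPT) varies per connection while the destination port (DPT) stays fixed.

```shell
#!/bin/sh
# Rules that would produce such log lines (run as root; prefix and ports are
# arbitrary choices for this example):
#   iptables -P OUTPUT ACCEPT
#   iptables -A OUTPUT -p tcp -m conntrack --ctstate NEW \
#            -m multiport --dports 80,443 -j LOG --log-prefix "OUT-NEW: "

# Constructed sample of kernel log lines as written by the LOG target.
sample_log() {
cat <<'EOF'
Jan 10 10:00:01 desk kernel: OUT-NEW: IN= OUT=eth0 SRC=192.0.2.10 DST=198.51.100.7 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=101 DF PROTO=TCP SPT=51514 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0
Jan 10 10:00:02 desk kernel: OUT-NEW: IN= OUT=eth0 SRC=192.0.2.10 DST=198.51.100.7 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=102 DF PROTO=TCP SPT=40122 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0
Jan 10 10:00:05 desk kernel: OUT-NEW: IN= OUT=eth0 SRC=192.0.2.10 DST=203.0.113.5 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=103 DF PROTO=TCP SPT=36870 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0
Jan 10 10:00:06 desk kernel: usb 1-1: new high-speed USB device number 4
EOF
}

# Read kernel log lines on stdin; print "count proto dst dport" per
# destination, busiest first. Lines without the LOG prefix are ignored.
summarise_outbound() {
    awk -v prefix="OUT-NEW:" '
        index($0, prefix) {
            proto = ""; dst = ""; dpt = ""
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^PROTO=/)    proto = substr($i, 7)
                else if ($i ~ /^DST=/) dst   = substr($i, 5)
                else if ($i ~ /^DPT=/) dpt   = substr($i, 5)
            }
            # Skip truncated lines that lack a destination or port.
            if (dst != "" && dpt != "") seen[proto " " dst " " dpt]++
        }
        END { for (k in seen) print seen[k], k }
    ' | sort -k1,1nr -k2
}

sample_log | summarise_outbound
```

On a live system, feed it the kernel log instead of the sample, for example `dmesg | summarise_outbound`.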