LinuxQuestions.org

Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
Question about outgoing open ports in iptables (https://www.linuxquestions.org/questions/linux-security-4/question-about-outgoing-open-ports-in-iptables-4175446719/)

yzT! 01-22-2013 04:58 AM

Question about outgoing open ports in iptables
 
I just started setting up my iptables rules. Right now I have denied outgoing connections to some websites; next I'll add the INPUT rules to only allow some ports, and then comes the last part, which I'm unsure about.

When browsing, outgoing connections are made on random ports. Should I block all ports and only allow one for outgoing connections? Will this slow browsing speed because the only open port will be busy? Does leaving all outgoing ports open imply any security risk?

unSpawn 01-22-2013 06:11 AM

Quote:

Originally Posted by yzT! (Post 4875309)
Does leaving all outgoing ports open imply any security risk?

Defining what can be a security risk starts with knowing a machine's purpose (like a library kiosk, SOHO development web server or regulations-compliant database server), its location (at home in a DMZ behind a NAT router, physical colocation, embedded device, shared hosting plan, virtualization, cloud) and its exposure (services, users, networks).
So if this is just a desktop machine that remains in one location with only one user, then I'd just set the filter table OUTPUT chain policy to ACCEPT. To get a feel for what traffic leaves the machine you could watch network tools' output or add a "-j LOG" rule for, say, new outbound connections on certain ports alone, and add rules later on to tighten things up if you want to.


Quote:

Originally Posted by yzT! (Post 4875309)
I just started setting up my iptables rules.

When done, and if unsure, feel free to post or attach "output.txt" from running
Code:

iptables-save > /tmp/output.txt
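The "OUTPUT policy ACCEPT plus a -j LOG rule for new outbound connections on certain ports" approach from the reply above, as an added example that is not part of the thread and is not either poster's ruleset. The script emits a complete filter table in iptables-restore syntax (so it can be checked with iptables-restore --test before it is applied) and includes a small helper that reduces the kernel log lines the LOG target produces to "PROTO DST:DPT", which is the view you want when deciding what to tighten later. The interface, the port list, the log prefix and the sample log line are all assumptions constructed for the example. Note that the rule matches destination ports: the local source port of a browser connection is ephemeral and random, so "allowing only one outgoing port" would have to mean one destination port and would break ordinary browsing, not just slow it.

```shell
#!/bin/sh
# Added example, not from the thread. Generates an iptables-restore ruleset
# with OUTPUT policy ACCEPT and a LOG rule for NEW outbound TCP to chosen
# destination ports, and parses the resulting kernel log lines.

LOG_PREFIX="OUT-NEW: "   # assumption: any short prefix works, it is only a grep handle

# Emit a full filter table for iptables-restore. $1 is a comma-separated list of
# destination ports to log (multiport takes up to 15); default 80,443.
gen_rules() {
    ports="${1:-80,443}"
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Log only the first packet of each new outbound TCP flow to the listed
# destination ports, rate-limited so a busy browser cannot flood the kernel log.
-A OUTPUT -p tcp -m conntrack --ctstate NEW -m multiport --dports ${ports} -m limit --limit 10/min --limit-burst 20 -j LOG --log-prefix "${LOG_PREFIX}" --log-level info
COMMIT
EOF
}

# Reduce one LOG-target kernel line to "PROTO DST:DPT". The KEY=VALUE order
# (SRC, DST, ..., PROTO, SPT, DPT) is the order netfilter's LOG target writes.
parse_log_line() {
    printf '%s\n' "$1" | sed -n \
        's/.*DST=\([0-9.]*\).*PROTO=\([A-Z0-9]*\).*DPT=\([0-9]*\).*/\2 \1:\3/p'
}

# Constructed sample log line (assumption: what dmesg/journalctl -k would show
# for an HTTPS connection matched by the rule above).
SAMPLE_LINE='Jan 22 06:11:00 host kernel: [ 1234.567890] OUT-NEW: IN= OUT=eth0 SRC=192.168.1.10 DST=93.184.216.34 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=4242 DF PROTO=TCP SPT=51234 DPT=443 WINDOW=29200 RES=0x00 SYN URGP=0'

# Stand-alone demonstration: show the ruleset and the parsed sample line.
# To check and apply for real:  gen_rules 80,443,25 | iptables-restore --test
#                               gen_rules 80,443,25 | iptables-restore
# To summarise live traffic:    journalctl -k | grep 'OUT-NEW:' | while read -r l; do parse_log_line "$l"; done | sort | uniq -c
gen_rules 80,443,25
parse_log_line "$SAMPLE_LINE"
```

The INPUT side is deliberately minimal (loopback plus established/related traffic) so the ruleset is self-contained; the ports you intend to serve would be added as explicit INPUT ACCEPT rules before the policy applies. Running the output through iptables-restore --test first matters because a DROP policy with a typo in the rules will cut off a remote session.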

