Quote:
Originally Posted by Oko
In the real world you have to filter outgoing traffic as well even if you are the only user of the computer.
|
I don't think that can be emphasized enough- one of the best ways to catch an infiltration on your network is to see (
and obviously block) the callbacks bot/root kits and viruses make.
The first week I turned on outbound filtering in our hosting network we caught a slew of infected machines that had passed our other means of detection.
Plus, it's part of being a good netizen-
don't pass your infection on to others.