Might be kind of irrelevant, but most winblows malware will be most interested in contacting port 25. They would also like port 80 to download updates, but unfortunately the users would be a bit pissed if you blocked that.
Locking down high ports going out will just make things very difficult with very little increase in security. Using the coral web cache would be impossible, for example. But hey, it's your network so do as you wish. One possible workaround is to set up a proxy server for the clients and allow only that to get out through your lockdown. Having a 2 layer firewall with DMZ is a more standard way to do it anyway.

~Jason
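
The proxy-only egress idea from the message above, sketched as an `iptables-restore` ruleset. This is an added example, not part of the original post. The interface names (`eth0` for the LAN, `eth1` upstream), the client subnet and the proxy address are all assumptions.

```iptables
# Constructed example. Assumed layout, none of it from the post:
#   eth0 = LAN side, eth1 = upstream side
#   192.168.1.0/24 = client subnet, 192.168.1.10 = proxy host
*filter
# This fragment only covers forwarded client traffic; INPUT and OUTPUT
# on the firewall itself are left open here and need their own rules.
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]

# Replies to connections that were already allowed out
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

# Only the proxy may open web connections to the outside
-A FORWARD -i eth0 -o eth1 -s 192.168.1.10 -p tcp -m multiport --dports 80,443 -m conntrack --ctstate NEW -j ACCEPT

# The proxy also needs to resolve names
-A FORWARD -i eth0 -o eth1 -s 192.168.1.10 -p udp --dport 53 -j ACCEPT
-A FORWARD -i eth0 -o eth1 -s 192.168.1.10 -p tcp --dport 53 -j ACCEPT

# A LAN host trying to reach port 25 directly gets a rate-limited log
# line, then falls through to the DROP policy like everything else
-A FORWARD -i eth0 -o eth1 -s 192.168.1.0/24 -p tcp --dport 25 -m limit --limit 6/min -j LOG --log-prefix "client-smtp-out: "

# No further ACCEPT rules: all other LAN-originated traffic, including
# direct port 80 and high ports, is dropped by the FORWARD policy
COMMIT
```

The logged `client-smtp-out:` lines identify which internal hosts are attempting direct outbound mail, which is the behaviour the message associates with malware.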