Might be kind of irrelevant but most winblows malware will be most
interested in contacting port 25. They would also like port 80 to
download updates but unfortunately the users would be a bit pissed if you
blocked that
Locking down high ports going out will just make things very difficult
with v
I have been googling all day trying to sort this out. I have an
iptables gateway. I can connect to outside FTP servers from the gateway
using either active or passive by using the ESTABLISHED,RELATED
matching rule. I can also use active from any of the masqueraded boxes
to walk around the dir tree,
