On Friday 01 April 2005 03:29, A dot L dot M dot Buxey at lboro dot ac dot uk wrote:
> > What types of traffic are you blocking from a business perspective ? I
> > am just curious about what traffic I might want to block in the LAN
> > outbound direction..ie P2P, IM, 445 ports.
I am new to m0n0 but have a bunch of clients behind iptables-based firewalls
and I have come to 2 conclusions:
1) If you are worried about users doing the wrong thing then you should be
educating the users and cultivating an open and collegial atmosphere in the
workplace. If someone really wants to get around a firewall from the inside
it's kind of trivial.
2) The things to be worried about are zombies and botnets and that's where an
IDS helps; the most efficient IDS is a user saying "My computer is very slow