|
||||||||
Chris, >> I am thinking that if some rogues application is trying to phone home, >by using an invalid destination IP address? That'll just end up getting dropped by your ISP anyway because it doesn't know where to route it. It certainly wouldn't phone home to anything, unless someone hostile has taken over your ISP's network (in which case this wouldn't buy you anything anyway). ...So putting "Egress" filters for LAN or DMZ, while not a bad idea, really only accomplishes reducing useless traffic that will get dropped anyway, once it hits the ISP...correct ?? >By the way take a look at http://www.cymru.com Daniele Thanks...so far looks to be an invaluable resource. Regards, Don |