>> I am thinking that if some rogues application is trying to phone home,
>by using an invalid destination IP address? That'll just end up
getting dropped by your ISP anyway because it doesn't know where to
route it. It certainly wouldn't phone home to anything, unless
someone hostile has taken over your ISP's network (in which case this
wouldn't buy you anything anyway).
...So putting "Egress" filters for LAN or DMZ, while not a bad idea,
really only accomplishes reducing useless traffic that will get
dropped anyway, once it hits the ISP...correct ??
>By the way take a look at http://www.cymru.com
Daniele Thanks...so far looks to be an invaluable resource.