On Thu, Sep 29, 2011 at 07:10:10PM -0700, Joel jaeggli wrote:
On 9/29/11 17:46 , Robert Bonomi wrote:
From: Nathan Eisenberg <nathan@atlasnetworks.us> Subject: RE: Synology Disk DS211J Date: Thu, 29 Sep 2011 21:58:23 +0000
And this is why the prudent home admin runs a firewall device he or she can trust, and has a "default deny" rule in place even for outgoing connections.
- Matt
The prudent home admin has a default deny rule for outgoing HTTP to port 80? I doubt it.
No, the prudent nd knowledgable prudent home admin does not have default deny rule just for outgoing HTTP to port 80.
He has a defult deny rule for _everything_. Every internal source address, and every destination port. Then he pokes holes in that 'deny everything' for specific machines to make the kinds of external connections that _they_ need to make.
Tell me how that flys with the customers in your household...
They are freeloaders, not customers. If they -PAID- for service, then it would be a different conversation. /bill