by sneak 1844 days ago
As pointed out elsewhere in thread, if your users are untrusted and not under your direct administrative control (e.g. students in a dorm, hotel guests, etc.) then default-allow-everything jeopardizes your upstream transit connection (e.g. if they start spamming).

You owe it to others on the internet to not allow everything out indiscriminately from untrusted strangers who happen to be on your access network. It’s just neighborly to make sure you’re not sending DDoS or spam, for example.

1 comments

> if your users are untrusted and not under your direct administrative control (e.g. students in a dorm, hotel guests, etc.) then default-allow-everything jeopardizes your upstream transit connection (e.g. if they start spamming).

How is that different from an ISP? Or do you think ISPs should also block everything except TCP ports 80 and 443?

ISPs throttle and block lots of things. Many residential ISPs block port 25, for example.