1

In Windows 2008 I see inbound and outbound rules, and I can open TCP and UDP in both directions. So if I open some port in TCP and some in UDP inbound and the connection works, why do I need outbound rules?

splattne

3 Answers

1

Outbound rules are matching connections from your server to another. So if you want to browse the internet (from your server) you need to open at least 80/tcp outbound.

krissi
  • "outbound rules are matching connections from your server to another _____". Another what? Another server? Like server meaning Windows 2008 PC. –  Sep 29 '10 at 10:16
  • To other network addresses, meaning local servers, PCs, but it also defines hosts in whole network groups ("the internet", machines in a DMZ etc.) – splattne Sep 29 '10 at 11:53
0

Outbound rules define which connections your server can open to other network hosts, meaning that the server itself initiates the connection.

An example: on your server runs an IIS/ASP.NET application that has to connect to a SQL Server machine. You'll have to allow the ports necessary to connect to that server.

splattne
0

Outbound rules can be useful to prevent data exfiltration. If a hacker does get into your system under a non-administrative account AND you have outbound rules blocking ports, you might be able to prevent him from stealing your data. In theory, outbound rules would prevent him from connecting back to his server. Some hardware firewalls (Cisco, Fortinet, Juniper, etc.) have this capability, which is usually called Data Leak Prevention.

jftuga
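
The two answers above (allowing the web application to reach SQL Server, and blocking other outbound traffic to limit exfiltration) can be combined with `netsh advfirewall`. This is an added example, not part of any answer on this page; the IP addresses are constructed placeholders, TCP 1433 assumes a default SQL Server instance, and the rule names are arbitrary.

```bat
@echo off
rem Added example; run from an elevated command prompt on the server.
rem Constructed placeholder addresses (documentation range), replace with your own.
set SQL_SERVER=192.0.2.20
set DNS_SERVER=192.0.2.53

rem Save the current policy first; restore it with "netsh advfirewall import".
netsh advfirewall export "%TEMP%\firewall-before.wfw"

rem By default Windows Firewall allows all outbound traffic, which is why
rem connections work without any outbound rule. The allow rules below only
rem matter once the default outbound action is changed to block.

rem Connection the server itself initiates: IIS/ASP.NET application to SQL Server.
netsh advfirewall firewall add rule name="Allow out: SQL Server" dir=out action=allow protocol=TCP remoteip=%SQL_SERVER% remoteport=1433

rem Name resolution, restricted to the internal resolver.
netsh advfirewall firewall add rule name="Allow out: DNS (UDP)" dir=out action=allow protocol=UDP remoteip=%DNS_SERVER% remoteport=53
netsh advfirewall firewall add rule name="Allow out: DNS (TCP)" dir=out action=allow protocol=TCP remoteip=%DNS_SERVER% remoteport=53

rem Switch the default: outbound connections with no matching allow rule are dropped.
rem The firewall is stateful, so replies to permitted inbound connections
rem (for example clients reaching IIS) still go out without an outbound rule.
netsh advfirewall set allprofiles firewallpolicy blockinbound,blockoutbound

rem Log dropped connections so blocked outbound attempts can be reviewed.
netsh advfirewall set allprofiles logging droppedconnections enable

rem Review the outbound rules now in effect.
netsh advfirewall firewall show rule name=all dir=out
```

A domain-joined server also needs outbound allow rules for its domain controllers and any update, time or monitoring services it uses; add those before switching the default to block.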