For better security: always "block all" or "block in all" is
Greg.Hennessy at nviz.net
Wed Jul 28 19:50:53 UTC 2010
> What disadvantages does it have in terms of security in comparison with
> "block all"? In other words, how bad it is to have all outgoing ports always
> opened and whether someone can use this to hack the system?
It's the principle of 'least privilege'. Explicitly allow what is permitted, deny everything else.
It should also be
block log all
A default block policy without logging has a certain ass biting inevitability to it.
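
An added example, not part of the original post: a minimal pf.conf fragment showing a default block policy with logging and explicit pass rules, as the reply describes. The interface name `em0` and the lists of permitted services are assumptions.

```conf
# Added example pf.conf fragment (not from the original post).
# Interface name and permitted services below are assumptions.
ext_if = "em0"

# Do not filter loopback traffic.
set skip on lo0

# Default policy: drop and log every packet, in both directions, that no
# later rule explicitly passes. With only "block in all", outbound packets
# match no block rule and fall through to pf's implicit pass.
block log all

# Explicitly permitted outbound traffic (assumed list: DNS, HTTP, HTTPS).
pass out on $ext_if inet proto udp from any to any port 53 keep state
pass out on $ext_if inet proto tcp from any to any port { 80, 443 } keep state

# Explicitly permitted inbound traffic (assumed: SSH only).
pass in on $ext_if inet proto tcp from any to any port 22 keep state
```

Packets dropped by the `block log all` rule are written to the pflog interface and can be watched with `tcpdump -n -e -ttt -i pflog0`, which shows what the default rule is denying.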