Software Firewall/router packet filter


tom775257
1st May 2002, 16:30
Hi all,
I am currently running a server using a combined router/firewall (Winroute) - this seems great at blocking external attack, and doesn't fail any test at www.grc.com bar the 'leak test.' I assume to fix this I would need to sort out the outgoing packet filter. Basically the firewall is succeeding in stopping unwanted packets coming in, set to send a denying packet if a packet is received without entry into the NAT table. However, it will let unwanted packets leave from stuff like trojan viruses and spyware. Any ideas of how to configure a packet filter for outgoing packets to stop this?
Many thanks...

PPRuNeUser0171
1st May 2002, 20:40
A firewall should both stop stuff from coming in and stuff from going out if it does not match a set rule in the rule base (stateful inspection).

Also, a firewall should NEVER, EVER respond with a 'deny' packet to ANY data that it will not allow; it should just discard that packet.

If the firewall responds it can then be attacked using very basic DOS (Denial of Service) techniques.

Is the firewall running on your main PC or do you have a small LAN?

I've not heard of or used Winroute but I'm very familiar with most firewalls, both LAN and PC based. If you have any questions please feel free to email me.

--
Gary Williams
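
Added example, not part of either post above: a small Python model of the outbound rule base the thread discusses, where a packet leaving the LAN that matches no allow rule is discarded without any reply. The addresses, ports and rule names are constructed for illustration and are not Winroute configuration.

```python
# Added illustration: first-match egress rule base with default silent drop.
# All rules, names and addresses are constructed; this is not Winroute syntax.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

ALLOW, DROP = "allow", "drop"   # DROP = discard silently, send no reply

@dataclass(frozen=True)
class Rule:
    name: str
    proto: str          # "tcp" or "udp"
    src: str            # source network (CIDR) on the LAN side
    dst: str            # destination network (CIDR)
    dports: frozenset   # destination ports this rule permits

@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    dst: str
    dport: int

# Hypothetical LAN 192.168.1.0/24 behind the NAT box; the server is .10.
EGRESS_RULES = [
    Rule("dns-to-resolver", "udp", "192.168.1.0/24", "203.0.113.53/32", frozenset({53})),
    Rule("web-from-lan", "tcp", "192.168.1.0/24", "0.0.0.0/0", frozenset({80, 443})),
    Rule("smtp-from-server", "tcp", "192.168.1.10/32", "0.0.0.0/0", frozenset({25})),
]

def matches(rule: Rule, pkt: Packet) -> bool:
    return (rule.proto == pkt.proto
            and ip_address(pkt.src) in ip_network(rule.src)
            and ip_address(pkt.dst) in ip_network(rule.dst)
            and pkt.dport in rule.dports)

def evaluate(pkt: Packet, rules=EGRESS_RULES):
    """Return (action, rule_name); first matching rule wins, default is DROP."""
    for rule in rules:
        if matches(rule, pkt):
            return ALLOW, rule.name
    return DROP, "default-deny"

def audit(packets, rules=EGRESS_RULES):
    """Split outbound packets into allowed and dropped, for logging and review."""
    result = {ALLOW: [], DROP: []}
    for pkt in packets:
        action, name = evaluate(pkt, rules)
        result[action].append((pkt, name))
    return result
```

Reviewing the dropped list from `audit` shows which hosts are trying to send traffic that no rule covers, which is where unexpected outbound connections from a workstation would appear.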