Firewall Rules

Is it normal to list every outbound port you wish to allow, and block the rest, or leave outbound wide open?

If you were writing rules for which outbound ports were allowed open, wouldn't you need to leave big ranges of ports open outbound, so when the web server receives a request on 80, doesn't it reply using some high port like 6000+?

I have seem sample rulesets where they go through and allow certain outbound ports, but don't appear to leave any ranges or ports open.

 

 

 

 

Top