Limiting Egress
Limiting egress allows administrators to control the amount of data leaving their network. This feature helps organizations to regulate the flow of outbound data and ensure that sensitive information is not being shared outside their network without proper authorization.
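To prevent egress to an unauthorized IP address, run the following command, replacing [IP] with the unauthorized IP address. The rule goes in the OUTPUT chain and matches on destination (-d), because it filters traffic leaving the host. On a gateway that routes traffic for other hosts, the same match goes in the FORWARD chain.
iptables -A OUTPUT -d [IP] -j DROP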
For a list of unapproved IP addresses of botnets and command/control servers, visit IBM X-Force Exchange. You should run the block command on each of the IP addresses listed on the IBM X-Force Exchange page.
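Running the block command for every address in a list is easier to get right with a script. The following is an added example, not part of the original page: it validates each entry and prints one re-runnable rule per unique address, using the OUTPUT chain with a destination match (-d), where traffic leaving the host is filtered. The input format (one IPv4 address per line, with # comments), the function names and the sample addresses are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): build egress DROP rules from a
# blocklist. Assumed input format: one IPv4 address per line, '#' comments.

# valid_ipv4 ADDR: succeed only for a strict dotted quad (octets 0-255).
valid_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;   # stray characters or empty octets
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                                # split on dots into $1..$4
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in
            0?*|????*) return 1 ;;           # leading zero or too long
        esac
        [ "$octet" -le 255 ] || return 1
    done
}

# egress_rules: read a blocklist on stdin and print one idempotent rule per
# unique valid address. Invalid entries go to stderr and are never emitted.
egress_rules() {
    sed -e 's/#.*//' -e 's/[[:space:]]//g' -e '/^$/d' | sort -u |
    while IFS= read -r ip; do
        if valid_ipv4 "$ip"; then
            # -C checks for an existing rule so re-runs do not add duplicates.
            printf 'iptables -w -C OUTPUT -d %s -j DROP 2>/dev/null || ' "$ip"
            printf 'iptables -w -A OUTPUT -d %s -j DROP\n' "$ip"
        else
            printf 'skipped invalid entry: %s\n' "$ip" >&2
        fi
    done
}

# Constructed sample list using documentation-range addresses (RFC 5737).
sample_blocklist() {
    cat <<'EOF'
# constructed sample, not real indicators
192.0.2.10
198.51.100.7   # trailing comment
192.0.2.10
203.0.113.999
192.0.2.5; echo injected
EOF
}

# Dry run: print the commands. To apply, pipe the output to `sh` as root.
sample_blocklist | egress_rules
```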