{
"$type": "site.standard.document",
"bskyPostRef": {
"cid": "bafyreigbr5nqlsgvmlphrytvqncqcty652zpnldzrvgg3qf2luqkijz5zu",
"uri": "at://did:plc:haakkg7y3xdghcdmprxeexso/app.bsky.feed.post/3mg4hjpu7cku2"
},
"path": "/t/ports-dilemma/35900#post_1",
"publishedAt": "2026-03-02T23:53:26.000Z",
"site": "https://discuss.privacyguides.net",
"textContent": "I wanna close ALL outgoing ports except 443, 123, 853 to avoid potential abuse or exploitation of my network as much as possible.\n\nWill this be a good idea? I use my Fedora only for home usage, and I wanna mitigate potential exploits.\n\nI had the idea to block both directions to guarantee that, for example, something won’t fall back to plain HTTP (for example some app), where HTTP can be easily intercepted and modified to be harmful.\n\nOr for example port 53, which allows the ISP to spy on and modify queries (some programs still use 53, even if resolved.conf or stubby is configured for DoT).\n\nOr NTP, which is often used even with chrony which is configured to use NTS…\n\nThis is from “better safe than sorry”.\n\nI also have a Flint 2 (GL.iNet, OpenWrt), so I can close ports there.\n\nBut for now there are more important questions: how likely am I to break something critical (that’s why I want to test on my own machine first, without causing a headache for my homemates) and how effective is this approach as a mitigation?\n\nAll incoming is already set to “DROP” on both levels: router and PC.",
"title": "Ports dilemma"
}