TCLUG Archive
Re: [TCLUG:16582] Firewalls revisited...
On Mon, 24 Apr 2000, Nate Carlson wrote:
> Only problem with setting default policy of DENY is you don't get logging
> when packets are denied...
NO! It's good to do both.
What if you somehow have a chain that you can sneak through that gets by
the default-deny?  I could write up a plausible situation.
Just remember to send it off to an LDROP chain when wanted.
You don't really want to log *everything* that drops, do you?  CIFS
broadcasts are annoying as hell to watch.
-- 
Scott Dier <dieman@ringworld.org> #nicnac@efnet 612.301.0265
http://www.ringworld.org/  finger:dieman@destiny.ringworld.org
Wait. Watch. Wonder.
	-J
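
The layout this message argues for (a default-deny policy as a backstop, an explicit log-and-drop chain, and silent drops for noisy broadcasts), sketched as an added example that is not part of the original post. It assumes Linux 2.2 `ipchains` syntax and UDP ports 137-138 as the broadcast traffic to silence; the `rule` and `build_ruleset` helpers are hypothetical, and rules are only printed unless `APPLY=1` is set.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes ipchains (Linux 2.2).
# Dry run by default: each rule is printed. Set APPLY=1 (as root) to load them.
IPCHAINS="${IPCHAINS:-ipchains}"

# Hypothetical helper: print the command, or run it when APPLY=1.
rule() {
    if [ "${APPLY:-0}" = "1" ]; then
        "$IPCHAINS" "$@"
    else
        echo "$IPCHAINS $*"
    fi
}

# Hypothetical helper: emit the input-chain rules in evaluation order.
build_ruleset() {
    # 1. Backstop: a packet that falls off the end of the chain is denied,
    #    even if a later edit leaves a gap in the explicit rules.
    rule -P input DENY

    # 2. LDROP: a user-defined chain that logs (-l) and then denies.
    rule -N LDROP
    rule -A LDROP -l -j DENY

    # 3. Noisy broadcasts are denied without logging, before the catch-all.
    #    Ports 137:138/udp (NetBIOS name and datagram) are an assumption
    #    standing in for the "CIFS broadcasts" mentioned in the message.
    rule -A input -p udp -d 0.0.0.0/0 137:138 -j DENY

    # (site-specific ACCEPT rules would be appended here)

    # 4. Explicit final rule: everything else is logged and denied.
    rule -A input -j LDROP
}

build_ruleset
```

Order matters: the silent deny has to precede the final jump to `LDROP`, otherwise the broadcasts are logged first.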