Re: Firewall-1 Security Advisory

From: David S. Goldberg (dsgat_private)
Date: Tue Oct 27 1998 - 10:06:21 PST

    > So the closest thing to a warning comes not in the manuals that
    > come with the software - but you have to pay to go on a course for
    > this info. I may be wrong about this - if you know of any other
    > place where this is documented please let me know.
    
    The "Managing Firewall-1 Using the Windows GUI" book that comes with
    the firewall (both in hardcopy and pdf on the CD) covers this in
    Chapter 8.  In Chapter 9 (page 170 in my copy) they list in order the
    bits a packet is matched against.
    
    Unfortunately, this documentation is insufficient.  They don't give
    any advice as to the implications of doing DNS and ICMP before the
    rule base.  In spite of what they might consider a complete
    description of how it works, it's easy to miss the security implication
    of their default settings, especially when they declare some things
    essential, making it seem to the administrator that she'd better leave
    the services wide open rather than handle them explicitly in the
    rules.
    
    --
    Dave Goldberg
    Post: The Mitre Corporation\MS B305\202 Burlington Rd.\Bedford, MA 01730
    Phone: 781-271-3887
    Email: dsgat_private
    


