On 13/10/02 14:40 -0400, R. DuFresne wrote: > depending upon the kinda of windows OS' behind your firewall, you might > wish to add 135-139, tc and udp, as well as 445, and 1433,1434. Of course > 1080 1090 1900 5000 might not hurt to be blocked either, depending upon > services running on those systems. IM fileshareing ports might well be blocked as well, at > the least, 4443 1503 3574 5010 6891 7320. And of course, this is not an > exhaustive list. Wouldn't the Right Thing(tm) be to block everything and then allow only what traffic is supposed to go out? Not logging 137/udp is a good idea because it fills up the logs and does not add any significant information to them. Devdas Bhagat _______________________________________________ firewall-wizards mailing list firewall-wizardsat_private http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
This archive was generated by hypermail 2b30 : Mon Oct 14 2002 - 05:28:29 PDT