RE: [fw-wiz] RE: Help w/ Port 137 Traffic

• Previous message: Luca Berra: "Re: [fw-wiz] RE: Help w/ Port 137 Traffic"
• In reply to: Frank Knobbe: "RE: [fw-wiz] RE: Help w/ Port 137 Traffic"
• Next in thread: R. DuFresne: "Re: [fw-wiz] RE: Help w/ Port 137 Traffic"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> I build mine very similar to you, with one exception. Any 
> traffic from the inside net that the firewall is supposed to 
> block, I'm REJECTing. That way internal devices don't 'hang' 
> waiting for a timeout. Everything coming in from the outside 
> still gets DROPPED though. But I do prefer to send a RST to 
> hosts on the inside.

I guess the trade-off here is ease-of-use (faster timeouts) vs
higher security. It would be a lot easier for an internal attacker
to port-scan the DMZ network space to figure out the firewall rules
with your suggestion.

Stefan


_______________________________________________
firewall-wizards mailing list
firewall-wizardsat_private
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

• Next message: Philip J. Koenig: "Re: [fw-wiz] Variations of firewall ruleset bypass via FTP"
• Previous message: Luca Berra: "Re: [fw-wiz] RE: Help w/ Port 137 Traffic"
• In reply to: Frank Knobbe: "RE: [fw-wiz] RE: Help w/ Port 137 Traffic"
• Next in thread: R. DuFresne: "Re: [fw-wiz] RE: Help w/ Port 137 Traffic"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Oct 14 2002 - 05:38:44 PDT