> I would like to point at for a start, most of these Instant Messenger, > ICQ and other services have settings that will work with firewalls. > They will use defined ports that you can open in your firewall, but I > agree with a Security Policy would have to be setup so that the questions > of which of these services will be beneficial and allowed and which are > just fun nick-nacks.
Yes, and this URL may help Cassandra http://securityportal.com/closet/closet20001101.html, it discusses the difficulties of a default deny, and shows ways to use port ranges. > > At 08:49 AM 5/18/2001 +1000, Cassandra Ludwig wrote: > > >I have an interesting little problem here. > > > > > >I want to as a default REJECT all packets from my firewall's external > > >interface, and then allow in only certain packets. I have already Rob
