On 23Sep1999, "Olivier Paul" <[EMAIL PROTECTED]> wrote:
>
> Thanks for the precision. I was looking at statistics about the first
> kind of policy (Deny everything, explicitly permit services).
>
> Could anyone give me some information about this?
>
> Olivier Paul
> Ph.D. student
> ENSTB

Typically, what I do is construct rulesets in the following form:

  Deny anything that is obviously bogus or dangerous (i.e. source-routed packets)
  Allow specific services, restricting source/destination if possible
  Deny all unmatched packets

Statistics? I tend to have about 10 deny rules at the beginning, any
number between 1 and 1000 allow rules, and then one "deny ip any any" or
its equivalent for each interface at the end.

-Blair
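
The three-part layout described above, for a single interface, as an added example that is not part of the original message: a first-match evaluator plus a check that a ruleset keeps the deny / allow / deny-all order. The Rule fields, the packet dictionary keys and the sample addresses are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str                           # "deny" or "allow"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    dport: Optional[int] = None           # None matches any port
    source_routed: Optional[bool] = None  # None matches either

    def matches(self, pkt):
        return (ip_address(pkt["src"]) in ip_network(self.src)
                and ip_address(pkt["dst"]) in ip_network(self.dst)
                and self.dport in (None, pkt["dport"])
                and self.source_routed in (None, pkt["source_routed"]))

    def is_catch_all(self):
        return self == Rule(self.action)  # every match field left at "any"

def decide(rules, pkt):
    """First matching rule wins; a packet matching nothing is denied."""
    return next((r.action for r in rules if r.matches(pkt)), "deny")

def lint(rules):
    """Report departures from the deny-bogus / allow-specific / deny-all layout."""
    problems = []
    if not rules or rules[-1].action != "deny" or not rules[-1].is_catch_all():
        problems.append("last rule is not an explicit deny-all")
    seen_allow = False
    for i, r in enumerate(rules[:-1]):
        if r.action == "allow":
            seen_allow = True
            if r.is_catch_all():
                problems.append(f"rule {i}: allow-all shadows every later rule")
        elif seen_allow:
            problems.append(f"rule {i}: deny placed after an allow rule")
    return problems

# Constructed ruleset using documentation address ranges (RFC 5737).
RULES = [
    Rule("deny", source_routed=True),              # dangerous: source-routed
    Rule("deny", src="192.0.2.0/24"),              # bogus: inside prefix seen as outside source (assumed)
    Rule("allow", dst="192.0.2.25/32", dport=25),  # SMTP to the mail host
    Rule("allow", src="198.51.100.0/24", dst="192.0.2.10/32", dport=22),
    Rule("deny"),                                  # the final "deny ip any any"
]
```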