>> > so I take it UDP is still used even though it is not as secure as TCP.
>
>UDP is not as _reliable_ as TCP, but IMHO it's no more difficult to
>secure unless you are talking static packet filters. With any other
>firewall technology, it's no worse or better.
>
> > Would removing the UDP settings stop all TCP traffic along the same
> > lines also?
>
>Humm, not sure what you mean by this. UDP is a transport like TCP. They
>are separate animals.
I understand that UDP is an unreliable transport protocol. It doesn't
authenticate and doesn't do windowing. It is also security prone (correct me
if I am wrong). I want to plug up any holes that I could foresee having in a
firewall. I don't know exactly if JUST TCP controlled some devices and UDP
others.
> > am looking for the most secure way to block anything from coming in
> > except IRC, TCP, and HTTP (possibly) as a test to hackers to see how
> > secure I can make my firewall.
>
>IRC and HTTP are services, TCP is a transport. My guess is that it's
>actually services you want to block.
>
>Also, do you mean you _have_ an HTTP server or that you want to let
>internal users connect to HTTP services on the Internet? If the latter,
>it's actually high ports you are letting back in.
I want to allow HTTP requests out and none in. Firewall not a web
server (sorry for the confusion). I want something that is locked-down tight.
We (my colleague and I) will try raptor and checkpoint-1 to test for
vulnerabilities in each and see how we can improve on the configuration.
This was why I listed UDP as what was using it. Any responses/flames/hate
mail/Love letters keep sending!
Jonathan
"Layer 4 and up is for End Users"
-Anonymous CCNA
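
Added example, not part of the original thread: a simplified Python model of the point above about outbound HTTP and high ports, comparing a static packet filter with a connection-tracking one for an "HTTP out, nothing in" policy. The rule sets, addresses and packets are constructed for illustration and do not represent how Raptor or FireWall-1 work internally.

```python
from collections import namedtuple

# Constructed sample traffic; addresses come from the documentation ranges.
Packet = namedtuple("Packet", "direction proto src sport dst dport")
INSIDE, WEB, OTHER = "192.0.2.10", "198.51.100.80", "203.0.113.66"


def static_filter(pkt):
    """Stateless rules: every packet is judged on its own header fields."""
    if pkt.proto != "tcp":
        return False
    if pkt.direction == "out":
        return pkt.dport == 80
    # Replies have to be let back in, but the filter cannot tell a reply
    # from an unsolicited packet: anything from port 80 to a high port passes.
    return pkt.sport == 80 and pkt.dport >= 1024


class StatefulFilter:
    """Remembers outbound connections and only admits matching replies."""

    def __init__(self):
        self.connections = set()

    def check(self, pkt):
        if pkt.proto != "tcp":
            return False
        if pkt.direction == "out":
            if pkt.dport != 80:
                return False
            self.connections.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        # Inbound: allowed only as the mirror image of a tracked connection.
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.connections


def run(packets):
    """Return (static verdict, stateful verdict) for each packet in order."""
    stateful = StatefulFilter()
    return [(static_filter(p), stateful.check(p)) for p in packets]


SAMPLE = [
    Packet("out", "tcp", INSIDE, 40001, WEB, 80),   # browser request
    Packet("in", "tcp", WEB, 80, INSIDE, 40001),    # genuine reply
    Packet("in", "tcp", OTHER, 80, INSIDE, 6000),   # unsolicited, high port
    Packet("in", "tcp", OTHER, 31337, INSIDE, 80),  # inbound HTTP request
    Packet("out", "udp", INSIDE, 40002, WEB, 53),   # UDP, outside the policy
]
```

Calling `run(SAMPLE)` shows the two filters agreeing on every packet except the third, which only the static filter admits.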