Roy,
Not sure if you've got what you wanted or not, but the answer to this
depends on who/what is on the inside. As people have already stated, you
should block everything in both directions (in and out) unless it is
required. Some people only apply this rule on inbound and let everything
else go out while keeping state to allow the reply traffic back in. This is
what I did in the past. However, I have now limited everything in both
directions to try and limit the potential damage if any of my systems ever
happen to get infected with a virus or trojan. Just in case you're
interested, here's what I allow to and from my workstation at home:
Inbound - destination port
tcp/22 - ssh
Outbound - destination port
tcp/21 - ftp
tcp/22 - ssh
tcp/80 - www
tcp/25 - smtp
tcp/143 - imap
udp/53 - dns
I'm pulling this from memory as I currently do not have access to my
systems. There are also a few other ports that I have open for specific
needs:
udp/514 syslog
udp/27015(?) and 27016(?) Counter-Strike (others too, can't remember which
ones and what directions)
I limit these per host too as I don't play CS from my Solaris box, etc. My
usual advice to most people is to buy a copy of "Building Internet
Firewalls" as it covers most of this. I'm no expert on firewalls, but
hopefully you'll find this information useful.
Mike
----- Original Message -----
From: "Reyes, Roy" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, March 06, 2001 4:32 PM
Subject: Common Firewall Settings
>
> I'm installing a firewall on a small LAN, and I'm trying to set up my policy
> setting. Can anyone tell me what the standard/common settings for a
> firewall are? Basically, which protocols/ports are usually left open and
> which are turned off as standard practice? I would appreciate all the help
> anyone can offer me. Thanks.
>
> Roy
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
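
Added example, not part of the original messages: a small Python model of the two policies described in the reply above (filter inbound only and keep state, versus default-deny in both directions), run over constructed packets so the difference is visible. The addresses, the tcp/6667 flow, and the class and function names are assumptions made for illustration; the model ignores TCP flags and state timeouts.

```python
from collections import namedtuple

# direction is "in" or "out" relative to the workstation.
Packet = namedtuple("Packet", "direction proto src sport dst dport")
HOST = "192.0.2.10"  # constructed workstation address (documentation range)
# Destination ports from the message; syslog and game ports left out.
INBOUND = {("tcp", 22)}
OUTBOUND = {("tcp", 21), ("tcp", 22), ("tcp", 80), ("tcp", 25),
            ("tcp", 143), ("udp", 53)}

class Firewall:
    """Default-deny filter with state; simplified (no TCP flags, no timeouts)."""
    def __init__(self, inbound, outbound=None):
        self.inbound = inbound
        self.outbound = outbound  # None models "let everything else go out"
        self.state = set()        # (proto, local, lport, remote, rport)

    def check(self, p):
        if p.direction == "out":
            flow = (p.proto, p.src, p.sport, p.dst, p.dport)
            allowed = self.outbound is None or (p.proto, p.dport) in self.outbound
        else:
            flow = (p.proto, p.dst, p.dport, p.src, p.sport)
            allowed = (p.proto, p.dport) in self.inbound
        if flow in self.state:
            return "pass (state)"      # reply traffic for a flow already allowed
        if allowed:
            self.state.add(flow)
            return "pass (rule)"
        return "block"                 # default deny

# Constructed sample traffic, in the order it would be seen.
PACKETS = [
    Packet("out", "tcp", HOST, 40000, "198.51.100.5", 80),    # web request
    Packet("in", "tcp", "198.51.100.5", 80, HOST, 40000),     # its reply
    Packet("in", "tcp", "203.0.113.9", 50000, HOST, 22),      # inbound ssh
    Packet("in", "tcp", "203.0.113.9", 50001, HOST, 80),      # unsolicited
    Packet("out", "tcp", HOST, 40001, "203.0.113.77", 6667),  # port not on the list
    Packet("in", "tcp", "203.0.113.77", 6667, HOST, 40001),   # reply to that flow
]

def compare(packets=PACKETS):
    """Return (inbound-only verdict, both-directions verdict) per packet."""
    old, new = Firewall(INBOUND), Firewall(INBOUND, OUTBOUND)
    return [(old.check(p), new.check(p)) for p in packets]

if __name__ == "__main__":
    for p, (a, b) in zip(PACKETS, compare()):
        print(f"{p.direction:3} {p.proto}/{p.dport:<5} inbound-only={a:12} both={b}")
```

Only the last two packets differ between the policies: with outbound left open, the unlisted flow creates state and its replies are let back in, while the both-directions policy drops it at the first packet.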