Well, some time ago I did a little research about that. These are some
guidelines:

General recommendations:

1.- Keep your firewall updated
2.- Secure all the machines involved (management module, firewall module,
etc)
3.- You must have backup and recovery procedures
4.- Maintain a logging policy for post-analysis
5.- Change the admin password periodically


Configuration recommendations:

1.- Set the IP Spoofing, maybe you'll need to study the situation, 'cause the
network could be complex

2.- Set the SYN Defender
3.- At the top of the rulebase you must add the rule:

any -- firewall-1 drop

In order to hide the firewall

If you're using VPN or user authentication or whatever service that needs
communication with the fw module you must place this rule below them.

I hope this could help you.


[EMAIL PROTECTED] writes:
>Hi All,
>
>I have FW-1 on Nokia.
>I have implemented VRRP as part of the fw-1/Nokia failover solution, and
>therefore have both "real" and "virtual" addresses for my interfaces.
>I have closed the firewall as best as I am allowed (I need to let some
>remote systems "ping"), but still the "real" IP address of each interface
>is being shown in traceroutes !! What have I missed ? - how do I make
>my fw-1 totally anonymous ?
>
>Just in case I missed anything else, what are the general guidelines for
>securing the fw-1 ??
>I have all my management activity limited to a completely separate,
>secured lan and I only have specific rules (ie. the only "any"
>destinations I have are either for port 80 or for "drop" actions). I have
>anti-spoofing set as recommended, but I do not have SYNdefender active as
>yet.
>Anything else ? .............................
>
>Cheers, Gordon
>
>_______________________________________________
>Firewalls mailing list
>[EMAIL PROTECTED]
>http://lists.gnac.net/mailman/listinfo/firewalls



Regards
Fredy R. Santana V.
Civil Electrical Engineer - CCSA - CCDA
Orion 2000 - Professional Services in Information Security
La Concepcion 322 piso 12, Providencia.
Santiago, Chile
Phone: 56-2-6403944, Fax: 56-2-6403990
e-mail: [EMAIL PROTECTED]
http://www.orion.cl
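
The rule ordering described in the reply above, as an added example that is not part of the original message: a small audit of where the "any -- firewall-1 drop" rule sits relative to rules that must reach the firewall module. The rule-base model, rule names and service names are constructed for illustration (this is not a Check Point file format), and top-down first-match evaluation without implied rules is assumed.

```python
# Added example: constructed rule-base model, first-match order assumed.
ANY = "any"

def is_stealth(rule, fw):
    """The 'hide the firewall' rule: any source, firewall destination, drop."""
    return (rule["src"] == ANY and rule["dst"] == fw
            and rule["service"] == ANY and rule["action"] == "drop")

def audit_stealth_rule(rules, fw="firewall-1"):
    """Return a list of findings about the placement of the stealth rule."""
    pos = next((i for i, r in enumerate(rules) if is_stealth(r, fw)), None)
    if pos is None:
        return [f"no stealth rule: nothing drops unsolicited traffic to {fw}"]
    findings = []
    for i, r in enumerate(rules):
        if r["action"] != "accept":
            continue
        if i < pos and r["dst"] == ANY:
            # Matches before the stealth rule, so it also covers the firewall.
            findings.append(f"rule {i + 1} ({r['name']}): 'any' destination "
                            f"above the stealth rule also admits traffic to {fw}")
        elif i > pos and r["dst"] == fw:
            # The stealth rule matches first; this rule can never fire.
            findings.append(f"rule {i + 1} ({r['name']}): shadowed by the "
                            f"stealth rule at {pos + 1}, move it above")
    return findings

def rule(name, src, dst, service, action):
    return dict(name=name, src=src, dst=dst, service=service, action=action)

STEALTH = rule("stealth", ANY, "firewall-1", ANY, "drop")
VPN = rule("vpn", "remote-gw", "firewall-1", "IKE", "accept")         # constructed
AUTH = rule("user-auth", ANY, "firewall-1", "client-auth", "accept")  # constructed
WEB_OUT = rule("web-out", "internal-net", ANY, "http", "accept")      # constructed
CLEANUP = rule("cleanup", ANY, ANY, ANY, "drop")

# Stealth rule literally first: VPN and authentication stop working.
SHADOWED = [STEALTH, VPN, AUTH, WEB_OUT, CLEANUP]
# Ordering from the reply: services that talk to the fw module, then stealth.
ORDERED = [VPN, AUTH, STEALTH, WEB_OUT, CLEANUP]
# An 'any' destination rule placed above the stealth rule exposes the firewall.
EXPOSED = [WEB_OUT, VPN, STEALTH, CLEANUP]

if __name__ == "__main__":
    for label, rb in [("shadowed", SHADOWED), ("ordered", ORDERED),
                      ("exposed", EXPOSED)]:
        print(label, audit_stealth_rule(rb) or "OK")
```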

