Hello everyone,
Just a quick question regarding the policy and rule setup. If I wanted to
create a 'paranoid' ruleset, what would be the best policy and rule set?
This is what I have thought, and I wanted to bounce it off you guys, because
I'm not sure...
Policy
-------
Would this be effective in blocking all access from the internal network to
the internet?
<------------------------------------>
# Source Dest Policy Log Level
loc net reject info
net all drop info
all all reject info
</----------------------------------->
Or would simply just having this suffice?
<----------------------------------->
# Source Dest Policy Log Level
net all drop info
all all drop info
</----------------------------------->
Rules
-----
In the rules, would this be effective in enabling access to:
1. Web sites (HTTP) from the internal network to the Internet
2. Secure HTTP from the internal network to the Internet
3. FTP transfers from two specific IP addresses on the internal network to
the Internet
4. Mail (SMTP) from one IP address to the Internet
5. Mail (POP3) from one IP address to the Internet
(Note: I removed the default rules for the sake of this post - Weblet,
Dnscache)
without compromising the security of the network?
#Action    Source                             Dest  Proto  Dest Port(s)  Source Port(s)  Orig. Dest
1) ACCEPT  loc                                net   tcp    80
2) ACCEPT  loc                                net   tcp    443
3) ACCEPT  loc:192.168.200.5,192.168.200.6    net   tcp    21
4) ACCEPT  loc:192.168.2.25                   net   tcp    25
5) ACCEPT  loc:192.168.2.25                   net   tcp    110
Thanks!
Jay
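
Added example, not part of the original post and not Shorewall code: a small Python model of how the five posted rules and the two policy variants treat a few constructed connections. It assumes new connections are matched against the rules first and otherwise fall to the first matching policy line; the sample hosts and the names `decide` and `compare` are hypothetical.

```python
# Simplified model (assumption): a new connection is checked against the rules
# in order; if none matches, the first matching policy line decides.
# Established/related traffic and the firewall zone itself are not modelled.
POLICY_A = [("loc", "net", "reject"), ("net", "all", "drop"), ("all", "all", "reject")]
POLICY_B = [("net", "all", "drop"), ("all", "all", "drop")]

# The five rules as posted; None means "any host in the source zone".
RULES = [
    ("ACCEPT", "loc", None, "net", "tcp", 80),
    ("ACCEPT", "loc", None, "net", "tcp", 443),
    ("ACCEPT", "loc", ("192.168.200.5", "192.168.200.6"), "net", "tcp", 21),
    ("ACCEPT", "loc", ("192.168.2.25",), "net", "tcp", 25),
    ("ACCEPT", "loc", ("192.168.2.25",), "net", "tcp", 110),
]

# Constructed samples: (source zone, source IP, dest zone, proto, dest port)
SAMPLES = [
    ("loc", "192.168.200.10", "net", "tcp", 80),  # web from any internal host
    ("loc", "192.168.200.5", "net", "tcp", 21),   # FTP control from a listed host
    ("loc", "192.168.200.10", "net", "tcp", 21),  # FTP control from an unlisted host
    ("loc", "192.168.2.25", "net", "tcp", 25),    # SMTP from the mail host
    ("loc", "192.168.200.10", "net", "udp", 53),  # DNS: not among the five rules
    ("net", "203.0.113.7", "loc", "tcp", 80),     # unsolicited inbound connection
]

def decide(conn, policy, rules=RULES):
    """Return (verdict, reason) for one new connection."""
    src_zone, src_ip, dst_zone, proto, dport = conn
    for n, (action, rz, hosts, dz, rproto, rport) in enumerate(rules, 1):
        if (rz, dz, rproto, rport) != (src_zone, dst_zone, proto, dport):
            continue
        if hosts is None or src_ip in hosts:
            return action, f"rule {n}"
    for psrc, pdst, verdict in policy:
        if psrc in (src_zone, "all") and pdst in (dst_zone, "all"):
            return verdict, f"policy {psrc}->{pdst}"
    return "drop", "no policy line matched"

def compare():
    """Evaluate every sample under both policy variants."""
    return [(c, decide(c, POLICY_A), decide(c, POLICY_B)) for c in SAMPLES]

if __name__ == "__main__":
    for conn, a, b in compare():
        print(conn, "| variant 1:", a, "| variant 2:", b)
```

In this model the two variants differ only in how unmatched traffic from the internal network is refused (reject versus drop); the set of accepted connections is the same.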