[olug] Building a Hellacious Firewall
Chris Garrity
m0ntar3 at home.com
Wed Jun 27 05:53:11 UTC 2001
My personal favorite is turning off icmp for the world, but not for me. I can
traceroute and ping from my firewall, but those people out there see my firewall
as unreachable. I also learned that just dropping packets isn't such a good
idea, the firewall wall rules should return-reset. DNS sweeps, NNTP probes, PING
sweeps, etc etc.. know a host is up and filtering particular ports, firewalls
should return a reset if they want to be (more) invisible to scanning.
---------------------------------------------------------------------
To unsubscribe, e-mail: olug-unsubscribe at bstc.net
For additional commands, e-mail: olug-help at bstc.net
More information about the OLUG
mailing list