[fw-wiz] re: NAT for a simple network

From: Robert E. Martin (rmartin_at_fishburne.org)
Date: 08/15/03

  • Next message: Dave Killion: "RE: [fw-wiz] Blocking MS Blaster"
    To: firewall-wizards@honor.icsalabs.com
    Date: Fri, 15 Aug 2003 13:37:26 -0400

    "in general, you should verify packets are
    not allowed to the device from the big bad Internet. you may also want to
    only allow local access from select IP addresses or subnets."

    So if I deny all from the outside coming in and allow all from the
    inside to go out, I should have the beginnings of a secure
    firewall.?!??!! This is not to say that it is a catch all but a start.
    Perhaps add rule stating only the internal subnet goes out and to deny
    all others. As I stated before, this is a simple network, no services
    coming in from the outside, just internet access for the subnet inside
    and dhcp running on the gateway.
    Thanks to all that replied to this original post. This is a valuable
    resource to me. Thanks again!!

    Robert E Martin
    IT Manager
    Fishburne Military School
    firewall-wizards mailing list

  • Next message: Dave Killion: "RE: [fw-wiz] Blocking MS Blaster"