Re: [fw-wiz] ISP firewalling of residential customers - was - About Port Forwarding, Apache and Firewall Rules

From: Mason Schmitt (hr824_at_sunwave.net)
Date: 09/03/04

  • Next message: Daniel Linder: "Re: [fw-wiz] Linux Firewall Distributions"
    To: firewall-wizards@honor.icsalabs.com
    Date: Thu, 2 Sep 2004 17:06:25 -0700
    
    

    On September 2, 2004 08:36 am, you wrote:
    > That pretty much rocks.
    >
    That does pretty much rock. I'll run that by the team here.

    If we were to do a default config on all new installs and make it clear that's
    what we were doing and we provided a really simple interface for changing the
    config this could work!

    > Heck, I'm floored that someone's doing egress filtering by default!
    >
    We currently do egress filtering on known problem ports. Is this really so
    uncommon?

    After my initial post, I sat down with the team and talked about offering a
    more secure package with content filtering and the whole thing, but we agreed
    that it just didn't make sense on a network as small as ours. It would be
    far too much work and added support calls for the number of accounts we would
    be able to get. We looked at options like Verizon's offering of MSN Premium
    and thought that would scale much better, but we weren't aware of any product
    that we would feel good about installing client side. MSN Premium, if you
    haven't seen it, looks like another crappy software package that the client
    installs. I don't like installing software on the client's system, with the
    horrible state that most PCs are in, adding to the pile just freaks me out.

    Thanks for the suggestions!

    -- 
    Mason Schmitt
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
    

  • Next message: Daniel Linder: "Re: [fw-wiz] Linux Firewall Distributions"