Re: [Full-disclosure] RE: Example firewall script (iptables)

From: Anders B Jansson (hdw_at_kallisti.se)
Date: 08/29/05

    Date: Mon, 29 Aug 2005 16:47:59 +0200
    To: Full Disclosure <full-disclosure@lists.grok.org.uk>
    
    

    Maybe you'd get more informative and less 'get a clue!' answers if you
    rephrased and explained your question a little.

    For one, what in the world is a firewall script?
    I'd guess it's firewall rules you're talking about.

    Second, in what scenario?
    Corporate firewall, SME, personal, school?

    Without knowing that, the only answer you can get is that
    'pass all' is bad, so is 'block all'.

    // hdw

    Bernardo Martín wrote:
    > Does anybody have more information about bad example firewall scripts??
    >
    >
    >
    >
    > -----Original Message-----
    > From: Bernardo Martín [mailto:bmartin@desic-sl.com]
    > Sent: Monday, 29 August 2005 14:01
    > To: Full Disclosure
    > Subject: RE: [Full-disclosure] RE: Example firewall script
    >
    >
    > I am looking for bad rule sets to learn a little more. I thought that my question
    > was interesting because there are many people here who know about this. Can
    > you recommend any website or any book?
    >
    >
    > Thanks
    >
    >
    >
    >
    > -----Original Message-----
    > From: James Tucker [mailto:jftucker@gmail.com]
    > Sent: Saturday, 27 August 2005 18:17
    > To: Full Disclosure
    > Subject: Re: [Full-disclosure] RE: Example firewall script
    >
    > Screw these arguments.
    >
    > What you should really do is get a security consultant to teach you the
    > basics, and provide you with some exposure to the various different options
    > you may have available, and in the case of your request, offer you some of
    > the old horror stories.
    >
    > If your only aim is to learn, then I would suggest starting with your
    > firewall's documentation. Most firewall developers do have at least a
    > reasonable knowledge of firewall security and rule building. Moreover, good
    > documentation will leave references to good physical sources (books,
    > courses, etc.). Getting back to the original question of BAD configurations
    > :) (yep, my ATD is higher today) you may find some reasonable examples in
    > high quality documentation too.
    >
    > You might try looking into any detailed hacking stories and statistics you
    > can find, as these may lead to some other interesting conclusions about
    > firewalls and their impacts on security too.
    >
    > Also, forums might be a good place to pick up bad firewall rules, you know
    > those places are filled with crap because people just can't resist trying to
    > show up the next guy and pretend to be the best.
    >
    > Just out of interest, why are you looking for Bad rule sets?
    > _______________________________________________
    > Full-Disclosure - We believe in it.
    > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
    > Hosted and sponsored by Secunia - http://secunia.com/
    >
