> From: Steve Matkoski <makoski @
> Subject: internal filtering router - filter config?
> What type of things would you filter on the internal router? or even
> the external router? I am going to be installing a firewall real soon
> and would really appreciate any help.
Unless I misunderstand, I think you ought to be asking what should
be *allowed* rather than what should be filtered. Most people here
would advocate a "deny unless specifically permitted" stance in
your filter rules.
If you don't already have a firewall book, the Chapman & Zwicky book
does a pretty good job on this stuff. They give a lot of attention
to configuring the filter on a service-by-service basis.
Chip Rosenthal * Unicom Systems Development * <chip @
URL: http://www.unicom.com/ * 4868D8BE10C86BDE 6017000BA783998E
Helmet good. Law bad.