[unisog] Firewalls for Windows sheep
harnold at binghamton.edu
Fri Feb 7 21:14:47 GMT 2003
Standard procedure is to open only what's needed and only to the hosts
There are many opinions on whether to use an edge device or several
departmental devices. I prefer the edge option.
From: STeve Andre' [mailto:andres at msu.edu]
Sent: Friday, February 07, 2003 3:59 PM
To: 'unisog at sans.org'
Subject: [unisog] Firewalls for Windows sheep
What do you do on your firewalls for protecting your
Windows sheep--I mean clients?
I'm thinking along the lines of the traditional firewall
at the edge of a network which blocks ports. What is
your strategy here--do you block the known vulnerable
ports, or take the opposite approach and block most
everything opening up only what you know you need?
Specific data is great. I use OpenBSD's pf so those
would be even cooler to see. ;-) Any links to places
that spout their philosophy would be neat too.
Thanks, STeve Andre' (MSU dept of Political Science)
More information about the unisog