[unisog] Firewalls for Windows sheep

Arnold, Jamie harnold at binghamton.edu
Fri Feb 7 21:14:47 GMT 2003

Standard procedure is to open only what's needed and only to the hosts

There are many opinions on whether to use an edge device or several
departmental devices.  I prefer the edge option.


-----Original Message-----
From: STeve Andre' [mailto:andres at msu.edu] 
Sent: Friday, February 07, 2003 3:59 PM
To: 'unisog at sans.org'
Subject: [unisog] Firewalls for Windows sheep

   What do you do on your firewalls for protecting your 
Windows sheep--I mean clients?

   I'm thinking along the lines of the traditional firewall
at the edge of a network which blocks ports.  What is
your strategy here--do you block the known vulnerable
ports, or take the opposite approach and block most
everything opening up only what you know you need?

   Specific data is great.  I use OpenBSD's pf so those
would be even cooler to see. ;-)  Any links to places
that spout their philosophy would be neat too.

Thanks,  STeve Andre'  (MSU dept of Political Science)

More information about the unisog mailing list