[unisog] Firewalls for Windows sheep

sbernard at gmu.edu sbernard at gmu.edu
Sat Feb 8 00:05:27 GMT 2003


Steve,

How are you dealing with protocols such as H.323 with 'pf', or do you 
not need to support it?

Steve


----- Original Message -----
From: "Arnold, Jamie" <harnold at binghamton.edu>
Date: Friday, February 7, 2003 4:14 pm
Subject: RE: [unisog] Firewalls for Windows sheep

> Standard procedure is to open only what's needed and only to the hosts
> needed.
> 
> There are many opinions on whether to use an edge device or several
> departmental devices.  I prefer the edge option.
> 
> j
> 
> -----Original Message-----
> From: STeve Andre' [mailto:andres at msu.edu] 
> Sent: Friday, February 07, 2003 3:59 PM
> To: 'unisog at sans.org'
> Subject: [unisog] Firewalls for Windows sheep
> 
> 
>   What do you do on your firewalls for protecting your 
> Windows sheep--I mean clients?
> 
>   I'm thinking along the lines of the traditional firewall
> at the edge of a network which blocks ports.  What is
> your strategy here--do you block the known vulnerable
> ports, or take the opposite approach and block most
> everything opening up only what you know you need?
> 
>   Specific data is great.  I use OpenBSD's pf so those
> would be even cooler to see. ;-)  Any links to places
> that spout their philosophy would be neat too.
> 
> Thanks,  STeve Andre'  (MSU dept of Political Science)
> 
> 
> 



More information about the unisog mailing list