[unisog] Firewalls for Windows sheep
andres at msu.edu
Sat Feb 8 02:28:22 GMT 2003
Nope, I don't think I need to support it, at least no one
that I know of where I am is using it. I did look at how
it works a while ago, and concluded that its designers
were delusional or something.
Thanks to everyone for their comments up to this point.
I've made firewalls before, but never in an academic type
of environment, which prompted my question. My own
inclination would be to seal off the 'well known diseased'
ports and go from there, but apparently I am an alien in
I shall gladly listen to others comments.
On Friday 07 February 2003 19:05, sbernard at gmu.edu wrote:
> How are you dealing with protocols such as H.323 with 'pf', or do you
> not need to support it?
> ----- Original Message -----
> From: "Arnold, Jamie" <harnold at binghamton.edu>
> Date: Friday, February 7, 2003 4:14 pm
> Subject: RE: [unisog] Firewalls for Windows sheep
> > Standard procedure is to open only what's needed and only to the hosts
> > needed.
> > There are many opinions on whether to use an edge device or several
> > departmental devices. I prefer the edge option.
> > j
> > -----Original Message-----
> > From: STeve Andre' [mailto:andres at msu.edu]
> > Sent: Friday, February 07, 2003 3:59 PM
> > To: 'unisog at sans.org'
> > Subject: [unisog] Firewalls for Windows sheep
> > What do you do on your firewalls for protecting your
> > Windows sheep--I mean clients?
> > I'm thinking along the lines of the traditional firewall
> > at the edge of a network which blocks ports. What is
> > your strategy here--do you block the known vulnerable
> > ports, or take the opposite approach and block most
> > everything opening up only what you know you need?
> > Specific data is great. I use OpenBSD's pf so those
> > would be even cooler to see. ;-) Any links to places
> > that spout their philosophy would be neat too.
> > Thanks, STeve Andre' (MSU dept of Political Science)
More information about the unisog