Attached to port W24 of the PM3 -- I am use Line0 for ChanT1 and Line1 for
the WAN link.
internet.in 1 deny 209.57.124.0/26 0.0.0.0/0 log
internet.in 2 permit tcp estab
internet.in 3 permit udp dst eq 53
internet.in 4 permit tcp dst eq 53
internet.in 5 permit tcp dst eq 25
internet.in 6 permit icmp
internet.in 7 permit 0.0.0.0/0 ftp.woodville.net/26 tcp dst eq 21
internet.in 8 permit tcp src eq 20 dest gt 1023
internet.in 9 permit udp src eq 53
internet.in 10 permit 0.0.0.0/0 209.57.124.0/26 tcp dst eq 119
I am a little confused by rule 7. Why do you need to specify a netmask when
ftp.woodville.net will return 209.57.124.2 from the DNS?
The system we are running has 1 PM3 and a NT server running Radius, IIS3.0,
DNS, Sendmail, and FTP. Our secondary DNS is outside our system as is the
Usenet server. There are no user accounts on the NT server and all files
and directories except the IIS folders are owned by Admin with no rights for
anyone else. What major security holes am I leaving open?
I have not thought about filters for the dial-up ports yet. Any
suggestions?
There was a comment awhile back about filtering WinNuke. Something I should
be doing special for that?
Mark Radabaugh
mark@woodville.net
-
To unsubscribe, email 'majordomo@livingston.com' with
'unsubscribe portmaster-users' in the body of the message.