RE: (PM) pm3 filters

Stavros N. Bairactaris (Administrator@smartnet.gr)
Mon, 13 Jul 1998 15:31:09 +0200

I think the problem is that too many communication applications are using
non-standard ports below 1023, and there are more on the market every day.
When I had permitted the standard required ports, everything was running
fine until somebody got an application requiring extra ports for it.
So, instead of adding new rules to permit them I believe it would be more
convenient to block all undesired ports, and see what will have to be added
in the future to tight-up security if needed.
All this until we get this hardware proxy and firewall, the "expensive
stuff", that will be provided with the CPU power needed for extensive
filtering.

Regards,
Stavros N. Bairactaris
Administrator@smartnet.gr

SmartNet Internet Service Provider

Data: +30 1 9531601 (POP1)
+30 1 9530260 (POP2)
ISDN: Starting September 1 1998
Voice: +30 1 9578784-5
Cellular: Call voice #, ask for cellular #

-----Original Message-----
From: Jon Lewis [mailto:jlewis@inorganic5.fdt.net]
Sent: Δευτέρα, 13 Ιουλίου 1998 2:09 μμ
To: Stavros N. Bairactaris
Cc: Portmaster-Users
Subject: RE: (PM) pm3 filters

On Mon, 13 Jul 1998, Stavros N. Bairactaris wrote:

> Hello,
>
> Here we do it the other way, because we had some complaints about
> NetMeeting, PcAnywhere etc.
> So instead of permit1, permit2, permitx logic, we do deny1, deny2, deny3,
> permit all the rest.

That just means either your filter was wrong, or your clients software was
misconfigured.

------------------------------------------------------------------
Jon Lewis <jlewis@fdt.net> | Spammers will be winnuked or
Network Administrator | drawn and quartered...whichever
Florida Digital Turnpike | is more convenient.
______http://inorganic5.fdt.net/~jlewis/pgp for PGP public key____

-
To unsubscribe, email 'majordomo@livingston.com' with
'unsubscribe portmaster-users' in the body of the message.
Searchable list archive: <URL:http://www.livingston.com/Tech/archive/>