Firewall Wizards mailing list archives
re: NAT for a simple network
From: "Robert E. Martin" <rmartin () fishburne org>
Date: Fri, 15 Aug 2003 13:37:26 -0400
"in general, you should verify packets are not allowed to the device from the big bad Internet. you may also want to only allow local access from select IP addresses or subnets."So if I deny all from the outside coming in and allow all from the inside to go out, I should have the beginnings of a secure firewall.?!??!! This is not to say that it is a catch all but a start. Perhaps add rule stating only the internal subnet goes out and to deny all others. As I stated before, this is a simple network, no services coming in from the outside, just internet access for the subnet inside and dhcp running on the gateway. Thanks to all that replied to this original post. This is a valuable resource to me. Thanks again!!
-- Robert E Martin IT Manager Fishburne Military School rmartin () fishburne org 540.946.7726 _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- NAT for a simple network Robert E. Martin (Aug 13)
- Re: NAT for a simple network Mikael Olsson (Aug 15)
- <Possible follow-ups>
- re: NAT for a simple network Mike Hoskins (Aug 15)
- re: NAT for a simple network Robert E. Martin (Aug 15)
- Re: re: NAT for a simple network R. DuFresne (Aug 17)