RE: DMZ / Firewall rule diagramming

["Craig Humphrey" <Craig.Humphrey () chapmantripp com>]

Hi Scott,

Hmmm.. Yeah... I did the OSSTMM OPST course earlier this year and found
it a bit thin on diagramming techniques.  But it's probably time I
re-read the OSSTMM guides and see what's going on...

Anyway, regardless of where I end up... I'll post results/progress to
the list.

Later'ish
Craig
 

> -----Original Message-----
> From: aldr1c [mailto:aldr1c () nildram co uk] 
> Sent: Wednesday, December 08, 2004 10:21 AM
> To: Craig Humphrey
> Cc: security-basics () securityfocus com
> Subject: RE: DMZ / Firewall rule diagramming
>
> Craig,
>
>       What you are after is laudable, but apparently not standardised.
> How about coming at the issue from the other side?  OSSTMM provides
> templates for testing firewall responses.  Would it be of use to use a
> similar form/layout/series of Visio callouts to indicate the 
> acceptable
> responses for traffic types, port ranges, NAT/PAT etc?
>       I think that it is going to be down to you (not really 
> what you want
> to hear, I know) and as always the rest of us would be 
> interested in how you
> progress.
>
> All the best.
>
> Scott