Firewall Wizards mailing list archives

Re: ICMP blocking on PIX .4.4.1

From: lk-m-wizards () bigears solsoft com (Lorens Kockum)
Date: 9 May 2000 07:59:10 -0000

On firewall-wizards nawk () real-secure com wrote:

If you really want to be anal,
setup ACL on your border routers, then apply your rules on the firewall and
last setup another router behind the firewall with ACL again. This way the
attacker has to pass all three to get into your network.


And of course set your logs so that you get alerted whenever the
firewall or the internal router get a packet that should have
been blocked by the external router.

<insert plug for my company's ACL policy manager here ...>

Current thread:

Re: ICMP blocking on PIX .4.4.1 Jim Seymour (May 04)
- <Possible follow-ups>
- Re: ICMP blocking on PIX .4.4.1 User nawk (May 04)
  - Re: ICMP blocking on PIX .4.4.1 Lorens Kockum (May 12)
- Re: ICMP blocking on PIX .4.4.1 dominik . ratajski (May 05)
- RE: ICMP blocking on PIX .4.4.1 GibsonB (May 05)
  - RE: ICMP blocking on PIX .4.4.1 R. DuFresne (May 12)
  - RE: ICMP blocking on PIX .4.4.1 Henry B. Tindall, Jr. (May 12)
    - Stefan Savage : Hacking the TCP stack R. DuFresne (May 12)
    - Re: Stefan Savage : Hacking the TCP stack Frederick N. Chase (May 17)
  - Re: ICMP blocking on PIX .4.4.1 Lorens Kockum (May 12)
- RE: ICMP blocking on PIX .4.4.1 GibsonB (May 12)
- RE: ICMP blocking on PIX .4.4.1 Jeff B Boles (May 15)
- RE: ICMP blocking on PIX .4.4.1 David Ashwood (May 15)

(Thread continues...)