Firewall Wizards mailing list archives

Re: fail-open firewalls...

From: Frederick M Avolio <fred () avolio com>
Date: Fri, 07 Jun 2002 14:48:15 -0400

At 04:45 PM 6/5/02 -0400, Anton Chuvakin wrote:

I am curious, how one can _verify_ that the firewall is indeed made this
way.

A good starting point: Any firewall that requires a final Any/Any/Any/Denyrule should be suspect.



Fred
Avolio Consulting, Inc.
16228 Frederick Road, PO Box 609, Lisbon, MD 21765, US
+1 410-309-6910 (voice) +1 410-309-6911 (fax)
http://www.avolio.com/

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards

Current thread:

fail-open firewalls... Anton Chuvakin (Jun 07)
- Re: fail-open firewalls... Frederick M Avolio (Jun 08)
- Re: fail-open firewalls... Mikael Olsson (Jun 08)
- Re: fail-open firewalls... B. Scott Harroff (Jun 08)
- Re: fail-open firewalls... R. DuFresne (Jun 08)