Re: Firewall best practices

["MILAN, SANDY (ATTSI)" <sm7454 () att com>]

These people come to this group for help in understanding.  Most are probably newbies...  ones who are new to the 
environment, new to firewalls, and new to security.  I've been a stealth member for about 10 years (maybe less) and 
have learned so much from this group.  We need to continue to allow these types of questions so that the next 
generations of security professionals are educated by those in the know.


Sandy 

Sandy Milan, CCNA, CCNA Security, CCAI, CCNP (In progress)
Principle Member of Technical Staff
ENSO Lightspeed Security Team
AT&T, Chief Security Office
 

-----Original Message-----
From: firewall-wizards-bounces () listserv cybertrust com [mailto:firewall-wizards-bounces () listserv cybertrust com] 
On Behalf Of Anton Chuvakin
Sent: Tuesday, April 13, 2010 12:51 PM
To: Firewall Wizards Security Mailing List
Subject: Re: [fw-wiz] Firewall best practices

All,

> This is easy.....
> Block List:             ALL
> Allow List:             Only what you need and can trust

Can somebody dig into the list archives and see how many times this
question was asked for the last...mmm...10 years? God, this is 2010,
why do people still ask for a list of "baddy ports to block?"

Marcus, please come out of hibernation and rant!!! Or - better - copy
your rant from..mmm...1992? :-)

-- 
Dr. Anton Chuvakin
Site: http://www.chuvakin.org
Blog: http://www.securitywarrior.org
LinkedIn: http://www.linkedin.com/in/chuvakin
Consulting: http://www.securitywarriorconsulting.com
Twitter: @anton_chuvakin
Google Voice: +1-510-771-7106
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards