[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] Silent Drop Rule
> Sorry, the first answer was not the corrcet one. > > You should use a silent drop rule for services that you are sure you do not > want to allow, and you do not want them to appear in log (making the log > file grow). > > There is no defined dervice to include in silent drop rule, that's your > decision. Then this would not be much of a useful question now would it? Secondly, the only service in that list that I would definitely want to drop on is netbios as it a) probably should not be traversing the firewall in the first place, and b) I would not want the firewall sending explicit reject would for every netbios packet that happens to be generated. As a result, netbios is still the correct answer. -Don ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|