[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] Silent Drop Rule
> but if u drop netbios and u have vpn between gateways than what ??? Obviously there are exceptions. In the absence of an overriding need, I dump netbios in my first rule. -Don > > Sorry, the first answer was not the corrcet one. > > > > You should use a silent drop rule for services that you are sure you do not > > want to allow, and you do not want them to appear in log (making the log > > file grow). > > > > There is no defined dervice to include in silent drop rule, that's your > > decision. > Then this would not be much of a useful question now would it? > > Secondly, the only service in that list that I would definitely want > to drop on is netbios as it a) probably should not be traversing the > firewall in the first place, and b) I would not want the firewall sending > explicit reject would for every netbios packet that happens to be > generated. As a result, netbios is still the correct answer. > > -Don > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|