[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] Block outgoing http on NG FP3
as the guys have suggested - set allow rules above your blocks to allow MS update and AV ( I know symantec use specific IPs and ports)... I cant see any harm in allowing port 80 to MS.. depends on how far you take things. I would however not recommend allowing users to update themselves from the internet. You should always evaluate all patches in a test environment... how would you feel if you put a patch on that messed up your main business application and the only solution was a rebuild? as Wayne suggested.... set up something like SUS to deal with windows update internally... much safer. BR Robert Rutherford +44 (0)1305 208232 +44 (0)7970 122362 |---------+--------------------------------------------> | | "Brown, Jim" | | | <[email protected]> | | | Sent by: Mailing list for | | | discussion of Firewall-1 | | | <[email protected]| | | KPOINT.COM> | | | | | | | | | 17/08/2003 15:26 | | | Please respond to Mailing list | | | for discussion of Firewall-1 | | | | |---------+--------------------------------------------> >----------------------------------------------------------------------------------------------| | | | To: [email protected] | | cc: | | Subject: Re: [FW-1] Block outgoing http on NG FP3 | >----------------------------------------------------------------------------------------------| Define a URI resource based on the URL name and define a rule only allowing HTTP access to the URL in question. You can even use wildcards for the acceptable url like *.nai.com or *.microsoft.com or windowsupdate.microsoft.com -----Original Message----- From: Wayne Ho [mailto:[email protected]] Sent: Friday, August 15, 2003 10:20 AM To: [email protected] Subject: Re: [FW-1] Block outgoing http on NG FP3 Let me rephrase my question: My intention is to get a BETTER way to block it instead of just using bunch of IP address... It seems there is no better way to do it. --- Ulysees <[email protected]> wrote: > em yeah, brand spanking new thing called acls. > cissp ?????????????? > > ----- Original Message ----- > From: "Wayne Ho" <[email protected]> > To: <[email protected]> > Sent: Friday, August 15, 2003 3:37 PM > Subject: [FW-1] Block outgoing http on NG FP3 > > > > Is there anyway I can just block outgoing traffic > and > > allow only windowsupdate.microsoft.com, and > antivirus > > update ? We are not using CVP, or UFP. > > > > Thanks. > > > > CISSP > > Wayne > > > > __________________________________ > > Do you Yahoo!? > > Yahoo! SiteBuilder - Free, easy-to-use web site > design software > > http://sitebuilder.yahoo.com > > > > ================================================= > > To set vacation, Out-Of-Office, or away messages, > > send an email to > [email protected] > > in the BODY of the email add: > > set fw-1-mailinglist nomail > > ================================================= > > To unsubscribe from this mailing list, > > please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================= > > If you have any questions on how to change your > > subscription options, email > > [email protected] > > ================================================= > > > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ********************************************************************** This E-mail and any files transmitted with it are in commercial confidence and intended solely for the use of the individual or entity to whom they are addressed. If you have received this E-mail in error please notify the Administrator by E-mail ([email protected]). Any views or opinions expressed are solely those of the author and do not necessarily represent those of DEK International., or its affiliates. ********************************************************************** This footnote also confirms that this email message has been swept by MIMEsweeper for the presence of computer viruses. www.dek.com ********************************************************************** ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|