Re: [FW-1] Last Rule
Devon Harding - GTHLA wrote:

> Should my last rule be ANY-ANY-REJECT or ANY-ANY-DROP?

Hi,

the "classic" Clean-Up rule is to DROP and to LOG.

Drop is useful because in case of an attack the sender doesn't get an answer from the Firewall. So he can't make out if the system is up or even turned on. Ok, I know, in this case I'm an optimist ;-)

Logging should be turned on, so you see the traffic being dropped. Otherwise, you could rely on the "implicit Drop-rule" which is the very last rule and always turned on, but without logging.

Hope it helps,
best regards,
Matthias
http://www.fw-1.de

--
Visit us at the SYSTEMS 2003 - IT-SecurityArea - B2.713
Munich, 20.10.2003 - 24.10.2003
---
AERAsec Network Services and Security GmbH
Wagenberger Strasse 1
D-85662 Hohenbrunn, Germany
http://www.aerasec.de
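The three policy endings discussed in this message (explicit drop with logging, explicit reject with logging, and the implicit drop alone), shown as an added example that is not part of the original post and is not Check Point code. It is a simplified first-match model; the `Rule` class, rule names, and sample addresses are constructed for illustration.

```python
# Simplified first-match rule base model (added example, not Check Point code).
from dataclasses import dataclass

ANY = "any"

@dataclass(frozen=True)
class Rule:
    name: str
    src: str
    dst: str
    service: str
    action: str   # "accept", "drop" or "reject"
    track: bool   # True = write a log entry

    def matches(self, pkt):
        return all(want in (ANY, got) for want, got in
                   zip((self.src, self.dst, self.service), pkt))

# The implicit drop described in the message: always last, never logged.
IMPLICIT_DROP = Rule("implicit-drop", ANY, ANY, ANY, "drop", False)

def evaluate(rules, pkt, log):
    """Return (rule name, action, what the sender observes) for one packet."""
    # First match wins; the implicit drop guarantees that something matches.
    rule = next(r for r in [*rules, IMPLICIT_DROP] if r.matches(pkt))
    if rule.track:
        log.append((rule.name, rule.action) + tuple(pkt))
    seen = {"accept": "service answers",
            "reject": "firewall answers (refusal)",
            "drop": "nothing (timeout)"}[rule.action]
    return rule.name, rule.action, seen

# Constructed sample policy and packet (addresses from documentation ranges).
WEB = Rule("web", ANY, "192.0.2.10", "tcp/80", "accept", True)
CLEANUP_DROP = Rule("cleanup", ANY, ANY, ANY, "drop", True)
CLEANUP_REJECT = Rule("cleanup", ANY, ANY, ANY, "reject", True)
PROBE = ("198.51.100.7", "192.0.2.10", "tcp/23")

def compare(pkt=PROBE):
    """Run one packet through the three policy endings; last field = log entries."""
    out = {}
    for label, rules in (("drop+log", [WEB, CLEANUP_DROP]),
                         ("reject+log", [WEB, CLEANUP_REJECT]),
                         ("implicit only", [WEB])):
        log = []
        out[label] = evaluate(rules, pkt, log) + (len(log),)
    return out

if __name__ == "__main__":
    for label, result in compare().items():
        print(f"{label:14} {result}")
```

With the implicit drop alone, the sender sees the same silence as with the logged Clean-Up rule, but the log stays empty.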