Re: Recently started experimenting with router rules

IWETHEY v. 0.3.0 | TODO

1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User

Welcome to IWETHEY!

Post #116,172

Picture of rickmoen

9/1/03 3:46:10 AM

Re: Recently started experimenting with router rules

Doug wrote:

Does anyone have a base 'rule-of-thumb' for filtering ports.

Sure. Run an operating system where you only run the network daemons you wish to run, can choose whether to make them bind to localhost only or to outside interfaces as well, and where you can easily turn them on/off, determine what's running and why, and substitute different implementations if you don't trust the current one.

If any of those things isn't true -- and in particular if you cannot reasonably control what network services are exposed to outside -- then you're not running a reasonable operating system, and should start your work there.

Fortunately, any modern microcomputer operating system will do fine. Take your pick: *BSD, Mac OSX, or Linux.

Rick Moen
rick@linuxmafia.com

If you lived here, you'd be $HOME already.

Recently started experimenting with router rules - (dmarker) - (9) - Aug. 31, 2003, 08:01:56 PM EDT

In general... - (Yendor) - (1) - Aug. 31, 2003, 08:05:39 PM EDT

what he said, open what you need ending with a deny all -NT - (boxley) - Sept. 1, 2003, 12:21:37 AM EDT

Re: Recently started experimenting with router rules - (rickmoen) - Sept. 1, 2003, 03:46:10 AM EDT

You could probably block everything. - (static) - (5) - Sept. 1, 2003, 09:50:58 AM EDT

Re: You could probably block everything. - (dmarker) - (4) - Sept. 1, 2003, 09:21:08 PM EDT

Haven't seen that one. - (static) - (3) - Sept. 2, 2003, 04:02:12 AM EDT

Eh? - (rickmoen) - (2) - Sept. 2, 2003, 04:20:30 AM EDT

Sorry, I mis-typed. - (static) - Sept. 2, 2003, 04:29:51 AM EDT

Sorry, I mis-typed. - (static) - Sept. 2, 2003, 04:29:52 AM EDT

use LRPDism;
108 ms