Date: Sat, 01 May 1999 02:25:36 +0300 From: Fadi Sodah <sodah@qatar.net.qa> To: freebsd-isp@FreeBSD.org, freebsd-net@FreeBSD.org Subject: Best firewall configuration Message-ID: <372A3BF0.B46F1607@qatar.net.qa>
next in thread | raw e-mail | index | archive | help
Greetings
What is the best firewall configuration to make smurf
and ICMPs attack useless ?
I'm runing an IRC server and would like to protect it
as much as I can from all possible attacks.
My ISP is offering a service, which will allow me to create any type of
Packet Filtering policy I require for my aloccated server. The Firewall
"Officers" sit between my server and the ISP backbone network. These
Officers have full packet filtering capability and can filter on any
protocol or IP address.
My ISP asked me to tell them what exactly do I need and they
gave me this example:-
"List the IP Addresses to be configured for Packet Filtering Services
and
indicate the Policy Line for each.
You may have multiple policy lines per IP Address. Attach a separate
piece of
paper if necessary."
FROM: TO:
Allow or Deny IP Address or Block IP Address
or
Block Port or Application
Example Allow Any
206.171.12.100
ICMP
Example Deny Any
206.171.12.32/27
ICMP
Thanks in advance
-Pons
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?372A3BF0.B46F1607>