About my Firewall Settings - I would like an opinion
Anthony M. Rasat
anthony.rasat at gmail.com
Fri Nov 14 07:52:36 UTC 2008
Manuel Gomez wrote:
> I have set the default policy in DROP.
>
> What more could i do?
>
> Thank you very much, i appreciate your help.
>
This is my personal opinion and absolutely not going to push it to your
head.
I do not like DROP firewall policy if such host exist in my network. It
would make troubleshooting (ie. traceroute, ping) harder.
Usually I talked that host administrator (whom also my colleage, this is
my network) that I would like ICMP to be allow only from certain host
(ie. monitoring host). That way, I can partially keep an eye on hosts
while not compromising his network policy.
Just my opinion though.
--
Regards,
Anthony M. Rasat
Manager - Technical, Network and Support Division
PT. Jawa Pos National Network
Graha Pena Jawa Pos Group Building, 5th floor
Jln. Raya Kebayoran Lama 12, Jakarta Barat 12210
Indonesia.-
Phone 02132185562
Phone 081574217035
Fax 02153651465
Web http://www.jpnn.com
More information about the ubuntu-users
mailing list