[Sderby] Auto generating firewall rules, is this possible?

Mike Hemstock hemstock at tiscali.co.uk
Tue May 11 21:00:35 BST 2004


On Tuesday 11 May 2004 20:46, Patrick Barber wrote:
> Ashley Heath wrote:
> >Hi all,
> >
> >Anyone know of any way to put iptables (or some other software) into learn
> > mode to automatically generate firewall rules in Linux. I don't want to
> > have to trawl through masses of logs initially.
> >
> >Are there any hardware firewall appliances that will also do the above?
> >
> >Main reason being this is for an existing network that has been running
> > for years and no one is really sure exactly what runs over it and what
> > needs to be allowed or blocked. If we can get a list of rules then we can
> > work through them and deny any that shouldn't be there. Denying
> > everything and then opening ports where necessary is not really an option
> > as this will impact business operations too much.
> >
> >Any other suggestions welcome.
> >
> >Cheers,
> >Ash
> >
> >
> >
> >
> >
> >_______________________________________________
> >Sderby mailing list
> >Sderby at mailman.lug.org.uk
> >http://mailman.lug.org.uk/mailman/listinfo/sderby
> >Web site: http://sderby.lug.org.uk/
> >wiki: http://www.sderby.lug.org.uk/cgi-bin/wiki.pl
> >Join us on IRC: irc.lug.org.uk #sderby
>
> The only device I can think of that will produce a list of what's running
> over a WAN link like this is a Packeteer PacketShaper
> (http://www.packeteer.com/); as for firewall rules, not wishing to teach
> people to suck eggs, the basics should be
>
>
> HTTP(S) to anything
> DNS to named servers
> POP3/IMAP to named servers
> SMTP to named servers
>
> other things should be to named servers

Why would you want POP3, IMAP & SMTP connecting to BIND servers?

Mike.
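A worked version of the "learn mode" Ash asks about, added here as an example and not code from any poster on this thread: iptables has no learning mode of its own, but you can log only the first packet of each new connection (so the log stays small), let the traffic through, and then boil the log down to candidate ACCEPT rules to review, in the spirit of Patrick's "named servers" list. The log lines below are constructed to look like iptables LOG output; the prefix "LEARN: ", the chain name LEARN and the addresses are assumptions of this example. The script prints iptables commands rather than running them, so it can be run anywhere and the output checked before it touches a firewall.

```shell
#!/bin/sh
# Learn-mode helper for iptables (example code, not from the thread).

# Step 1: rules that log and accept every NEW forwarded connection.
# Return traffic is matched by ESTABLISHED,RELATED, so only the first packet
# of each connection is logged. Printed, not executed; review and then apply.
learn_rules() {
  cat <<'EOF'
iptables -N LEARN
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -m state --state NEW -j LEARN
iptables -A LEARN -j LOG --log-prefix "LEARN: " --log-level info
iptables -A LEARN -j ACCEPT
EOF
}

# Step 2: turn the kernel log into candidate rules, one per
# (protocol, destination, destination port), most frequent first.
# $1 = minimum number of connections before a tuple is worth a rule.
candidate_rules() {
  min=${1:-1}
  awk -v min="$min" '
    /LEARN: / {
      proto = ""; dst = ""; dpt = ""
      for (i = 1; i <= NF; i++) {
        split($i, kv, "=")
        if (kv[1] == "PROTO") proto = tolower(kv[2])
        else if (kv[1] == "DST") dst = kv[2]
        else if (kv[1] == "DPT") dpt = kv[2]
      }
      if (proto == "" || dst == "") next
      count[proto " " dst " " dpt]++
    }
    END {
      for (k in count) if (count[k] >= min) {
        split(k, f, " ")
        rule = "iptables -A FORWARD -p " f[1] " -d " f[2]
        if (f[3] != "") rule = rule " --dport " f[3]   # ICMP has no port
        print count[k] "\t" rule " -j ACCEPT"
      }
    }' | sort -rn | cut -f2
}

# Constructed sample log (assumed hosts: 192.168.1.2 DNS, 192.168.1.5 mail).
LEARN_LOG='May 11 20:46:01 fw kernel: LEARN: IN=eth0 OUT=eth1 SRC=192.168.1.10 DST=192.168.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=1 DF PROTO=UDP SPT=34001 DPT=53 LEN=40
May 11 20:46:02 fw kernel: LEARN: IN=eth0 OUT=eth1 SRC=192.168.1.11 DST=192.168.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=2 DF PROTO=UDP SPT=34002 DPT=53 LEN=40
May 11 20:46:03 fw kernel: LEARN: IN=eth0 OUT=eth1 SRC=192.168.1.12 DST=192.168.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=3 DF PROTO=UDP SPT=34003 DPT=53 LEN=40
May 11 20:46:04 fw kernel: LEARN: IN=eth0 OUT=eth1 SRC=192.168.1.10 DST=192.168.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=4 DF PROTO=UDP SPT=34004 DPT=53 LEN=40
May 11 20:46:05 fw kernel: LEARN: IN=eth0 OUT=eth1 SRC=192.168.1.10 DST=192.168.1.5 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=5 DF PROTO=TCP SPT=34567 DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
May 11 20:46:06 fw kernel: LEARN: IN=eth0 OUT=eth1 SRC=192.168.1.11 DST=192.168.1.5 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=6 DF PROTO=TCP SPT=34568 DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
May 11 20:46:07 fw kernel: LEARN: IN=eth0 OUT=eth1 SRC=192.168.1.12 DST=192.168.1.5 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=7 DF PROTO=TCP SPT=34569 DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
May 11 20:46:08 fw kernel: LEARN: IN=eth0 OUT=eth1 SRC=192.168.1.10 DST=192.168.1.5 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=8 DF PROTO=TCP SPT=34570 DPT=110 WINDOW=5840 RES=0x00 SYN URGP=0
May 11 20:46:09 fw kernel: LEARN: IN=eth0 OUT=eth1 SRC=192.168.1.11 DST=192.168.1.5 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=9 DF PROTO=TCP SPT=34571 DPT=110 WINDOW=5840 RES=0x00 SYN URGP=0
May 11 20:46:10 fw kernel: LEARN: IN=eth0 OUT=eth1 SRC=192.168.1.10 DST=192.168.1.1 LEN=84 TOS=0x00 PREC=0x00 TTL=63 ID=10 DF PROTO=ICMP TYPE=8 CODE=0 ID=300 SEQ=1
May 11 20:46:11 fw kernel: LEARN: IN=eth0 OUT=eth1 SRC=192.168.1.10 DST=192.168.1.1 LEN=84 TOS=0x00 PREC=0x00 TTL=63 ID=11 DF PROTO=ICMP TYPE=8 CODE=0 ID=300 SEQ=2
May 11 20:46:12 fw kernel: LEARN: IN=eth0 OUT=eth1 SRC=192.168.1.13 DST=10.0.0.9 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=12 DF PROTO=TCP SPT=34572 DPT=443 WINDOW=5840 RES=0x00 SYN URGP=0
May 11 20:46:13 fw kernel: LEARN: IN=eth0 OUT=eth1 SRC=192.168.1.13 DST=192.168.1.7 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=13 DF PROTO=TCP SPT=34573 DPT=139 WINDOW=5840 RES=0x00 SYN URGP=0'

# Usage: print the learn-mode rules, then the candidates seen at least twice.
learn_rules
echo "# candidate rules (seen >= 2 times):"
printf '%s\n' "$LEARN_LOG" | candidate_rules 2
```

Two things to keep in mind when using this. First, the LEARN chain accepts, so nothing is blocked while you collect; once the candidate list has been reviewed (and the one-off 139 and 443 flows judged), replace the LEARN jump with the approved rules and a final rule that logs and drops. Second, the threshold only filters noise; a single connection in the log can still be a legitimate monthly batch job, so run learn mode long enough to cover the business cycle and look at what fell below the threshold before denying it.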


