-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tuesday 19 November 2002 07:04, you wrote: > If it is a client machine and has a default DROP policy on > incoming packets, then ALLOW packets associated with open > connections. You probably don't need any other special > rules. Just set up policies to allow OUTPUT packets on the > ports you want. Only associated packets will be accepted IN.
Thanks for the feedback. All I am still a little worried about is what are associated packets, I guess. So suppose I initiate a non-anonymous FTP session, I've seen that generate ident packets. Are these associated? Similar worries about other protocols. - -- Olaf Meeuwissen GnuPG key: 91114EAF/C3E1 2D40 C7CC AEB2 FB15 8BDF 60C2 5B3F 9111 4EAF -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE94f3zYMJbP5ERTq8RAjN5AKCAyPxuehx4PzfXJq80+2gja8pTtQCeMUv+ pp38qUZv8BkiWZ0u9d2dZLk= =WFzS -----END PGP SIGNATURE-----
