If the internal network runs Windows, all this broadcast traffic
is probably NetBIOS (if so... do you really need it?).
Block (discard) it in the first rule, so the rest of the rules do
not need to be checked for it (increased performance).

Jose San Martin

> -----Original Message-----
> From: [EMAIL PROTECTED]
>
> I like this option, block but not log. I also like moving it to another subnet
> but that is more work and would require changes in some of our branch offices.
> Thank you all for your suggestions.
>
> Jim Lemieux
>
> "Ryan Russell" <[EMAIL PROTECTED]> on 09/09/99 06:16:14 PM
>
> To: Security/CT/ERNotes@ER
> cc: [EMAIL PROTECTED]
> Subject: Re: Broadcast Traffic to Firewall
>
> >I am seeing a boat load of Broadcast traffic from my internal network to my
> >Firewall. Does anyone have any idea how I can stop this? I have blocked it at
> >the Firewall but it fills up the logs real fast.
>
> Do you have an option to block but not log?
>
> >My thought is to do something
> >at my internal default router which currently routes all internet traffic
> >through the Firewall. The other thought is to make sure no workstations are
> >set up to broadcast file and print (bigger headache).
>
> If you've got another router interface to burn, you can make the link
> between the inside router and the firewall a dedicated subnet. This is
> what I do. Keeps all the broadcast stuff from other subnets away
> from the firewall, minus any misconfigured inside PCs who are trying
> to broadcast for name resolution using addresses that head toward
> the Internet. (If someone makes a typo on their address, it will send
> to .255 of that subnet assuming a mask of 255.255.255.0. Presumably,
> they managed to find the router via rdisc or some such.)
>
> Ryan
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
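
Added example, not part of the original thread: before placing a drop-without-logging rule first, it helps to confirm from the existing drop log what the broadcast traffic is and which hosts send it. The subnets, log tuples and function names are constructed assumptions; UDP 137/138 are the NetBIOS name and datagram service ports, and the "foreign /24" case is the mistyped-address broadcast Ryan describes.

```python
import ipaddress
from collections import Counter

# Assumed inside subnets (constructed for this example; substitute your own).
INSIDE = [ipaddress.ip_network(n) for n in ("10.1.0.0/16", "192.168.5.0/24")]
NETBIOS_UDP = {137, 138}  # NetBIOS name service / datagram service
LIMITED = ipaddress.ip_address("255.255.255.255")

def classify(dst):
    """Return the broadcast category of a destination address, or 'unicast'."""
    ip = ipaddress.ip_address(dst)
    if ip == LIMITED:
        return "limited"
    if any(ip == net.broadcast_address for net in INSIDE):
        return "directed-inside"
    # A host with a mistyped address still broadcasts to .255 of the subnet
    # it thinks it is on when it assumes a 255.255.255.0 mask.
    if not any(ip in net for net in INSIDE) and int(ip) & 0xFF == 0xFF:
        return "directed-foreign-/24"
    return "unicast"

def summarize(records):
    """records: (src, dst, proto, dport) tuples from the firewall drop log.
    Returns (count per category, NetBIOS broadcast count per source)."""
    by_cat, talkers = Counter(), Counter()
    for src, dst, proto, dport in records:
        cat = classify(dst)
        by_cat[cat] += 1
        if cat != "unicast" and proto == "udp" and dport in NETBIOS_UDP:
            talkers[src] += 1
    return by_cat, talkers

# Constructed sample records, not taken from a real log.
SAMPLE = [
    ("10.1.4.20", "10.1.255.255", "udp", 137),
    ("10.1.4.20", "10.1.255.255", "udp", 138),
    ("10.1.7.9", "255.255.255.255", "udp", 67),
    ("192.168.5.31", "192.168.5.255", "udp", 137),
    ("10.1.9.44", "198.51.100.255", "udp", 137),  # mistyped address case
    ("10.1.4.20", "203.0.113.10", "tcp", 443),
]

if __name__ == "__main__":
    cats, talkers = summarize(SAMPLE)
    for cat, n in cats.most_common():
        print(f"{cat:22} {n}")
    for src, n in talkers.most_common():
        print(f"NetBIOS broadcaster {src}: {n}")
```

Sources listed as NetBIOS broadcasters are the workstations to check for file and print broadcasting; anything classified as unicast should stay under the normal logged rules.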