Ahmed,
Most firewalls are, by nature, restrictive. You start out with a
default deny all stance and then specifically allow certain things. Very
few firewalls allow all UDP traffic from the external network to the
internal network, and an administrator who does allow that on his firewall
should not have wasted money on a firewall. Usually, the only listener I
have on the external side of my firewall for UDP traffic is port 53 for DNS,
and that is a DNS server which does not allow port 53 UDP traffic into my
internal network. As for TCP traffic, most TCP traffic that originates on
the external network will probably be sent to a DMZ and not the internal
network. The firewall you are describing, IMHO, is pretty permissive and
not the 'norm'.
Regards,
Jeffery Gieser
"Ahmed Matar"
<[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>
Sent by: firewalls-owner@Lists.GNAC.NET
cc:
Subject: firewalls config for TCP/UDP
08/09/2000 12:24 PM
I use the net from behind a firewall and am doing some tests transmitting
data from a server outside the firewall to myself. I have noticed the
following: I'm able to receive the data transmitted via UDP to me using ANY
port. However, I'm able to receive the data transmitted via TCP to me using
only SOME ports; these are only a very few open ports (I checked their
numbers using a port scanner that I created). I know for security reasons
that most firewalls have only a very limited number of ports open for
incoming data transmitted via TCP. I'm wondering if allowing incoming data
transmitted via UDP to 'pass through' ALL ports to a client is a typical
configuration for a firewall? Or do most firewalls have only SOME ports
open for incoming UDP streams?
Also, in the case of some firewalls that only have a certain number of
ports open for incoming UDP streams, are there any 'famous'/typical ports
that are usually open on these firewalls for incoming UDP streams?
Thanks in advance.
Ahmed
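
The default-deny stance described in the reply at the top of this thread, as an added example that is not part of either message: a first-match rule evaluator with an implicit deny, plus an audit that flags allow rules opening a wide port range to the internal network. All addresses, rule sets and the 1024-port threshold are constructed assumptions.

```python
# Added example: first-match packet filter with a default-deny stance.
# All networks, hosts and rules below are constructed for illustration.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

INTERNAL = ip_network("10.0.0.0/24")       # assumed internal network
DMZ = ip_network("192.0.2.0/24")           # assumed DMZ
DNS_SERVER = ip_network("192.0.2.53/32")   # assumed external-side DNS server


@dataclass(frozen=True)
class Rule:
    proto: str      # "tcp" or "udp"
    dst: object     # destination network (ip_network)
    ports: tuple    # inclusive (low, high) destination port range
    action: str = "allow"


def decide(rules, proto, dst_ip, dport):
    """First matching rule wins; traffic no rule matches is denied."""
    dst = ip_address(dst_ip)
    for r in rules:
        if r.proto == proto and dst in r.dst and r.ports[0] <= dport <= r.ports[1]:
            return r.action
    return "deny"


def audit(rules, internal=INTERNAL, max_ports=1024):
    """Flag allow rules opening more than max_ports ports to the internal net.
    max_ports is an arbitrary threshold chosen for this example."""
    return [r for r in rules
            if r.action == "allow" and r.dst.overlaps(internal)
            and r.ports[1] - r.ports[0] + 1 > max_ports]


# Restrictive set: UDP 53 to the DNS server only, TCP 80 to the DMZ only.
RESTRICTIVE = [Rule("udp", DNS_SERVER, (53, 53)), Rule("tcp", DMZ, (80, 80))]
# Permissive set: same, plus every UDP port open to internal clients.
PERMISSIVE = RESTRICTIVE + [Rule("udp", INTERNAL, (1, 65535))]

if __name__ == "__main__":
    for name, rules in (("restrictive", RESTRICTIVE), ("permissive", PERMISSIVE)):
        verdict = decide(rules, "udp", "10.0.0.25", 40000)
        print(f"{name}: UDP 40000 to internal client -> {verdict}; "
              f"audit flags {len(audit(rules))} rule(s)")
```
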
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]