Dave,
To know more about hardening your Cisco router
look at these links:
http://www.insecure.org/news/P55-10.txt
http://www.cisco.com/warp/public/707/21.html
http://www.cisco.com/warp/public/707/3.html
Just like a firewall the best thing is to open the specific
ports you want to get through your router and the rest
that doesn't match your access list get's dropped by
your router (the standard deny all).
I personally don't think the access list will downgrade
the performance of your router that much
Hope this helps.
Regards,
Brenno
> -----Original Message-----
> From: Dave Vogler [SMTP:[EMAIL PROTECTED]]
> Sent: dinsdag 1 mei 2001 15:41
> To: firewall discussion list
> Subject: Cisco access list technique
>
> Hi all,
>
> I'm a bit of a newbie to my Cisco router, but I'm attempting to set up
> an access list to firewall my LAN from the internet.
> Is there a preferred order for my permit and deny statements? I've
> heard that its best to put all your permit statements first, then your
> denys.... will this affect throughput speed? Are packets substantially
> slowed down because the router has to examine every one?
> And if an access list implicitly denies all that are not permitted, why
> even bother with deny statements?
>
> Thanks in advance,
>
> Dave Vogler << File: Card for Dave Vogler >>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
