Hi,
I'm reviewing all the rules in my firewall. I have a couple of old rules
that don't seem to make sense any longer.
Rule1 = any_host any_destination long_icmp drop. This rule was
put in a long time ago for the Ping of Death DOS attack. We are running fw1 vers
4.0sp5 on Solaris 2.6. Do I still need this rule?
Rule 2 states that my Web server and dns,smtp server located in the DMZ can
do "ident" with any host. Why would I need this?
Thankyou.
--
John Gesualdi
The Providence Journal Company
Phone (401)277-8133
Pager (401)785-6938
CCDP,CCNP
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
