begin quoting [EMAIL PROTECTED] as of Mon, Aug 07, 2006 at 04:31:56PM -0700:
> I have a need to restart my firewall every day or so and don't
> know if a few seconds of downtime will matter.

Watch your logs. How often are you attacked? That will help you to
determine your exposure window. That will help you to estimate the
probability of an attack.

Probability
^
|                (risky)
|
|
|(!risky)
+-------------------->
           Consequences

If there's a high probability that there will be a problem, that's
risky. If the consequences of a problem are dire, that's risky. If
it's a low-probability low-consequence problem, enh, why worry?

> Why? I want to deny reserved IP addresses at:
>
> www.iana.org/assignments/ipv4-address-space
>
> This list *CHANGES* so I must reconfigure firewall every day or so. :(

Can't you bring the external interface down, flush your rules, reload
your rules, and bring your external interface back up?
Sure, you'll lose any open connections... but you'd prevent anyone from
sneaking in.
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
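
The down / flush / reload / up sequence suggested in the reply above, as an added example that is not part of the original message. It assumes a Linux firewall managed with iptables and iproute2; the interface name `eth0`, the rules path `/etc/firewall.rules` and the function name `reload_firewall` are hypothetical. It also covers the failure case: if the new rules do not load, the interface stays down rather than coming back up unfiltered.

```shell
#!/bin/sh
# Added example (not from the thread). Assumed names: eth0, /etc/firewall.rules.
EXT_IF="${EXT_IF:-eth0}"                      # external interface (assumption)
RULES="${RULES:-/etc/firewall.rules}"         # iptables-save format file (assumption)
IP_CMD="${IP_CMD:-ip}"                        # overridable so the logic can be exercised without root
IPT_RESTORE="${IPT_RESTORE:-iptables-restore}"

reload_firewall() {
    # Parse the new rules first without committing them: a broken file
    # is rejected here and costs no downtime at all.
    if ! $IPT_RESTORE --test < "$RULES"; then
        echo "rules file rejected; nothing changed" >&2
        return 1
    fi

    # Take the external interface down so no packet can arrive while
    # the ruleset is being replaced.
    $IP_CMD link set dev "$EXT_IF" down || return 2

    # Without --noflush, iptables-restore discards the previous contents
    # of each table it loads, so "flush" and "reload" are a single step.
    if ! $IPT_RESTORE < "$RULES"; then
        echo "rule load failed; leaving $EXT_IF down" >&2
        return 3
    fi

    # Only now bring the interface back up, with the new rules in place.
    $IP_CMD link set dev "$EXT_IF" up
}

# Run for real only when asked to, e.g. "sh reload-fw.sh --apply" as root.
if [ "${1:-}" = "--apply" ]; then
    reload_firewall
fi
```

Open connections through the interface are lost during the reload, as the reply notes.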