On Tuesday 25 June 2002 10:27 am, Chris wrote:

> Hello,
>
> I am wondering if it would be a security risk to generally allow ALL
> limited broadcasts (255.255.255.255)?!
>
> We have a heterogeneous network with Linux (Firewalls, Mail/Proxy/Time/
> etc-server), WinNT/W2k Clients & Servers and one AS/400 as server.
> Now there is our internal firewall between the LANs and the DMZ.
> At the moment I am blocking limited broadcasts, which breaks the
> functionality of some windows stuff (SQL-Server, NetBIOS, SMB, ...).

Broadcasts will not cross a router, from one network to another, so even if you did not actively block them with netfilter, they still wouldn't pass from your LAN to your DMZ.

Antony.
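
An added example, not part of the original thread: a small classifier showing how a router between two segments treats the destination addresses discussed above. The interface names and the 192.168.1.0/24 and 10.0.0.0/24 networks are constructed sample values, and the example goes one step beyond the thread by also covering subnet-directed broadcasts.

```python
import ipaddress

LIMITED_BROADCAST = ipaddress.ip_address("255.255.255.255")

# Constructed sample topology (assumption, not from the original thread).
INTERFACES = {
    "lan": ipaddress.ip_network("192.168.1.0/24"),
    "dmz": ipaddress.ip_network("10.0.0.0/24"),
}


def classify(dst, in_iface, interfaces=INTERFACES):
    """Return (kind, path) for a packet arriving on in_iface addressed to dst."""
    addr = ipaddress.ip_address(dst)
    if addr == LIMITED_BROADCAST:
        # Limited broadcast is confined to the sending link (RFC 1812): a
        # router handles it as local input and never puts it on the
        # forwarding path, with or without a filter rule.
        return ("limited-broadcast", "local-only")
    for name, net in interfaces.items():
        if addr == net.broadcast_address:
            if name == in_iface:
                # Broadcast for the segment the packet arrived on.
                return ("subnet-broadcast", "local-only")
            # Directed broadcast aimed at another attached subnet: forwarding
            # is a router configuration choice, off by default per RFC 2644.
            return ("directed-broadcast", "forward-if-enabled")
    for name, net in interfaces.items():
        if addr in net:
            # Unicast to the arrival segment needs no routing; anything
            # else attached is a normal forwarding candidate.
            path = "local-segment" if name == in_iface else "forward"
            return ("unicast", path)
    return ("unicast", "forward")


def demo():
    """Classify a few constructed destinations as seen on the LAN interface."""
    samples = ["255.255.255.255", "192.168.1.255", "10.0.0.255", "10.0.0.25"]
    return {dst: classify(dst, "lan") for dst in samples}


if __name__ == "__main__":
    for dst, (kind, path) in demo().items():
        print(f"{dst:16} {kind:18} {path}")
```

Only the "forward" and "forward-if-enabled" results are traffic that a rule on the forwarding path between LAN and DMZ would ever see.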
