take the axe a little closer, since I didn't say what I meant either, and

better empty than wrong.
Adam David 1996-09-07 02:15:56 +00:00
parent 681925a0a8
commit 6f32a3a208
Notes: svn2git 2020-12-08 03:00:23 +00:00
svn path=/head/; revision=514


@ -1,4 +1,4 @@
<!-- $Id: firewalls.sgml,v 1.10 1996-09-07 00:51:36 adam Exp $ --> <!-- $Id: firewalls.sgml,v 1.11 1996-09-07 02:15:56 adam Exp $ -->
<!-- The FreeBSD Documentation Project --> <!-- The FreeBSD Documentation Project -->
<sect><heading>Firewalls<label id="firewalls"></heading> <sect><heading>Firewalls<label id="firewalls"></heading>
@ -489,15 +489,10 @@ want to allow from the inside. Some general rules are:
<itemize> <itemize>
<item>Block all incoming access to ports below 1000 for TCP. This is <item>Block all incoming access to ports below 1024 for TCP. This is
where most of the security sensitive services are, like finger, SMTP where most of the security sensitive services are, like finger, SMTP
(mail) and telnet. (mail) and telnet.
<item>Block all incoming access also to TCP ports between 1001 and 1024
inclusive, unless rlogin/rsh access from outside is to be enabled, in which
case incoming SYN (<bf>setup</bf>) connections should be blocked on these
ports and allowed on the relevant service port(s).
<item>Block <bf>all</bf> incoming UDP traffic. There are very few <item>Block <bf>all</bf> incoming UDP traffic. There are very few
useful services that travel over UDP, and what useful traffic there is useful services that travel over UDP, and what useful traffic there is
is normally a security threat (e.g. Suns RPC and NFS protocols). This is normally a security threat (e.g. Suns RPC and NFS protocols). This
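Review bot: In the first item, "below 1024" leaves port 1024 itself outside the rule, whereas the deleted item blocked 1001 through 1024 "inclusive"; if the intended range ends at 1023, state the bounds explicitly so the reader does not have to infer them. Deleting the rlogin/rsh item also removes the list's only mention of blocking incoming SYN (setup) connections while allowing the relevant service port, so a site that needs rlogin/rsh from outside now gets no guidance from this list; consider a one-line replacement item rather than leaving the case unaddressed.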