Home page logo

basics logo Security Basics mailing list archives

Re: Writing firewall ruleserts ... Recommend good procedure and resource for ports lookup?
From: "Neal K. Groothuis" <ngroot-securityfocus () lo-cal org>
Date: Fri, 16 May 2003 09:46:29 -0500

On Wed, May 14, 2003 at 10:02:21PM +0100, Mark (fat) wrote:
I have to write firewall rulesets for a pair of back to back dual vendor
firewalls with multiple DMZ's from each.

Can anyone recommend a good procedure to use. Opensource would be great
but you cant really beat a good book.

The only text I managed to find when I was looking for advice on
writing rulesets was _The Concise Guide to Enterprise Internetworking and 
Security_ by Kyle Cassidy.  Even this doesn't go into much of a diversity
of setups, but it does at least cover how to configure many common kinds
of firewalls.

Also can anyone recommend a good resource for translating services into
ports etc

See http://www.iana.org/assignments/port-numbers for the canonical list;
also Googling on the service and "port" will oftentimes give you the
information you need if a program uses a port without registering it
with IANA.  Of course, this assumes that programs are running on standard
ports; otherwise you'll pretty much just have to log into the machine and
use netstat or some similar program to see what processes are holding the 

A faith; this is a necessity for man. Woe to him who believes nothing.
                                                --Victor Hugo
                                                  Les Miserables
PGP key available upon request or at http://www.imsa.edu/~ngroot/

Attachment: _bin

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]