mailing list archives
RE: DMZ / Firewall rule diagramming
From: "Craig Humphrey" <Craig.Humphrey () chapmantripp com>
Date: Thu, 9 Dec 2004 11:51:16 +1300
Hmmm.. Yeah... I did the OSSTMM OPST course earlier this year and found
it a bit thin on diagramming techniques. But it's probably time I
re-read the OSSTMM guides and see what's going on...
Anyway, regardless of where I end up... I'll post results/progress to
From: aldr1c [mailto:aldr1c () nildram co uk]
Sent: Wednesday, December 08, 2004 10:21 AM
To: Craig Humphrey
Cc: security-basics () securityfocus com
Subject: RE: DMZ / Firewall rule diagramming
What you are after is laudable, but apparently not standardised.
How about coming at the issue from the other side? OSSTMM provides
templates for testing firewall responses. Would it be of use to use a
similar form/layout/series of Visio callouts to indicate the
responses for traffic types, port ranges, NAT/PAT etc?
I think that it is going to be down to you (not really
what you want
to hear, I know) and as always the rest of us would be
interested in how you
All the best.