mailing list archives
RE: DMZ / Firewall rule diagramming
From: "Craig Humphrey" <Craig.Humphrey () chapmantripp com>
Date: Fri, 3 Dec 2004 09:15:43 +1300
Thanks for that, but I think you missed the point.
I'm trying to come up with a "standard" way to describe ANY DMZ or
Firewall rule set.
I already have pretty pictures of the physical layout of my DMZ, but
it's a nice way to overlay the rules and data flows on that that I'm
Mogzy uses layers in Visio, which is an excellent idea.
Though I'm still looking for a more formal method... Surely the likes of
SANS have something in this area? (I've done a google on their site, but
turned up nada).
From: Charles mckee [mailto:chuck619 () gmail com]
Sent: Friday, December 03, 2004 3:54 AM
To: Craig Humphrey
Cc: security-basics () securityfocus com
Subject: Re: DMZ / Firewall rule diagramming
For you to ask for a general firewall configuation that is
kind of tough.
First of all we need to know what hardware and software is you have
access too..Where are you going to place your firewall.
We need to see kind of where you intend to place it.
What rulesets you want want to employ.
I would advice you to take a look at some books about firewalling,
DMZ's, HoneyPots and Network Design. This way you can become more
familiar yourself with it.
What good is a firewall if one does not know where to place it, where
it's logs are kept and so forth.
Must my humble .02 cents.