


Firewall Wizards: Re: firewall rule lifecycle management

Re: firewall rule lifecycle management

From: Martin <marty_at_supine.com>
Date: Thu, 1 Sep 2005 10:14:29 +1000

$quoted_author = "Bruce Smith" ;
>
> From my PIX experience, clear rule counters every month. After a while, look
> for the rules that have zero counts and then remove them. Can be scripted
> and searched with grep.

that's a neat way of picking up dormant rules, but you'd still need to
review them manually to identify rules that should no longer be in place
even if traffic is still matching them.

cheers
marty

-- 
In the 60's, people took acid to make the world weird. Now the world is weird
and people take Prozac to make it normal.
_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Received on Aug 31 2005
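
The counter check from the quoted message, together with the caveat in the reply, as an added example that is not part of the original thread. The sample text is constructed and assumes the PIX `show access-list` layout where each entry ends in `(hitcnt=N)`; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: split PIX ACL entries into "no hits since the counters
# were cleared" and "still matching traffic".

# Constructed sample of "show access-list" output (documentation addresses).
sample_acl() {
cat <<'EOF'
access-list outside_in; 4 elements
access-list outside_in line 1 permit tcp any host 192.0.2.10 eq www (hitcnt=48211)
access-list outside_in line 2 permit tcp any host 192.0.2.11 eq smtp (hitcnt=0)
access-list outside_in line 3 permit tcp host 198.51.100.7 host 192.0.2.12 eq 1521 (hitcnt=3)
access-list outside_in line 4 permit udp any host 192.0.2.13 eq tftp (hitcnt=0)
EOF
}

# Read ACL text on stdin; prefix every entry that carries a hit counter
# with DORMANT or ACTIVE and a tab. Header lines without a counter are skipped.
classify() {
    awk '/\(hitcnt=[0-9]+\)[ \t]*$/ {
        hit = $NF
        gsub(/[^0-9]/, "", hit)          # "(hitcnt=48211)" -> "48211"
        printf "%s\t%s\n", (hit + 0 == 0 ? "DORMANT" : "ACTIVE"), $0
    }'
}

# Entries with zero hits: candidates for removal after a sanity check.
dormant_rules() {
    classify | grep '^DORMANT' | cut -f2-
}

# Entries still matching traffic: the counter says nothing about whether
# they should still exist, so they go on the manual review list.
active_rules() {
    classify | grep '^ACTIVE' | cut -f2-
}

echo "== No hits since counters were cleared (removal candidates) =="
sample_acl | dormant_rules
echo "== Still matching traffic (manual review still needed) =="
sample_acl | active_rules
```

To run it against a real device, replace `sample_acl` with a saved capture of the access-list output.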