Firewall Wizards: Re: firewall rule lifecycle management

Re: firewall rule lifecycle management

From: Victor Williams <vbwilliams_at_neb.rr.com>
Date: Wed, 31 Aug 2005 21:03:38 -0500

True.

That's why I've started commenting rules, or groups of rules. Then I
can go back later and determine if they are actually needed.

Martin wrote:
> $quoted_author = "Bruce Smith" ;
>
>>From my PIX experience, clear rule counters every month. After a while, look
>>for the rules that have zero counts and then remove them. Can be scripted
>>and searched with grep.
>
>
> that's a neat way of picking up dormant rules, but you'd still need to
> review them manually to identify rules that should no longer be in place
> even if traffic is still matching them.
>
> cheers
> marty
>
_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Received on Aug 31 2005
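The counter-based sweep Bruce Smith describes in the quoted post (clear counters monthly, look for entries with zero hit counts) combined with Victor's practice of commenting rules, as an added example that is not part of the original thread: a small Python parser over constructed PIX-style "show access-list" output that lists zero-hit entries and flags which of them carry no remark, so the manual review Martin asks for starts with the undocumented ones. The sample output, the ACL name and the addresses are constructed; the assumption that a remark documents only the entry directly below it is mine, not device behaviour.

```python
import re

# Constructed sample of "show access-list" output in PIX/ASA style;
# not taken from any real device.
SAMPLE_OUTPUT = """\
access-list outside_in; 4 elements
access-list outside_in line 1 remark Allow web to DMZ server
access-list outside_in line 2 extended permit tcp any host 192.0.2.10 eq www (hitcnt=48213)
access-list outside_in line 3 remark Legacy FTP partner link
access-list outside_in line 4 extended permit tcp host 198.51.100.7 host 192.0.2.20 eq ftp (hitcnt=0)
access-list outside_in line 5 extended permit udp any host 192.0.2.30 eq domain (hitcnt=0)
access-list outside_in line 6 extended deny ip any any (hitcnt=1520)
"""

# One access control entry with its hit counter.
RULE_RE = re.compile(
    r"^access-list (?P<acl>\S+) line (?P<line>\d+) (?:extended|standard) "
    r"(?P<body>.+?) \(hitcnt=(?P<hits>\d+)\)\s*$"
)
# A remark line; assumed here to document the entry directly below it.
REMARK_RE = re.compile(
    r"^access-list (?P<acl>\S+) line (?P<line>\d+) remark (?P<text>.+)$"
)


def parse_access_lists(text):
    """Return a list of dicts (acl, line, rule, hits, remark); remark may be None."""
    rules = []
    pending_remark = {}  # remark waiting for the next entry, keyed by ACL name
    for raw in text.splitlines():
        m = REMARK_RE.match(raw)
        if m:
            pending_remark[m.group("acl")] = m.group("text")
            continue
        m = RULE_RE.match(raw)
        if m:
            acl = m.group("acl")
            rules.append({
                "acl": acl,
                "line": int(m.group("line")),
                "rule": m.group("body"),
                "hits": int(m.group("hits")),
                "remark": pending_remark.pop(acl, None),
            })
    return rules


def dormant_rules(rules):
    """Entries whose counter is still zero since the counters were last cleared."""
    return [r for r in rules if r["hits"] == 0]


def review_queue(rules):
    """Dormant entries tagged by whether anyone documented them; undocumented
    ones need an owner found before they are removed, not a blind deletion."""
    queue = []
    for r in dormant_rules(rules):
        status = "has remark" if r["remark"] else "NO REMARK"
        queue.append((r["acl"], r["line"], status, r["rule"]))
    return queue


if __name__ == "__main__":
    for acl, line, status, rule in review_queue(parse_access_lists(SAMPLE_OUTPUT)):
        print(f"{acl} line {line} [{status}]: {rule}")
```

Run it against the saved output of a real "show access-list" in place of SAMPLE_OUTPUT; a zero count only means no traffic matched during the counting window, so entries that serve rare events (disaster recovery, quarterly transfers) still need the manual check Martin describes.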
