Filter and Firewall
Left running head:
Chapter name (automatic)
732
Beta
Beta
CLI Configuration Guide
Alcatel-Lucent
S
ECURITY
-
B
EST
P
RACTICES
"
Security is not a product, it's a process
". This is a very famous saying by
Bruce Schneier. Nothing in security is "set it and forget it!" Security cannot be
achieved with point products-it is an ongoing process that never ends. A firewall is
a very important part of security, but it is a small part. There are instances where
one has the best firewall product installed but poorly configured one. This is same
as not having one.
It becomes imperative, hence to know what are the best practices to follow when
configuring a firewall. The below said discussion gives a broad guideline to
configure a firewall which protects the network against the hackers as well as the
Denial-of -Service attacks. Below are some rules, procedures and restrictions you
may use to provide level of security in the network.
The following are some general procedures, which needs to be kept in mind.
(These are independent of Firewall configuration).
•
Keeping network user accounts off the Internet service computers such as web
servers. FTP servers and firewall. Having separate administrative accounts with
different passwords for these devices.
•
Regularly scan the system logs for failed logon attempts to network services and
failed connection attempts to web servers, FTP servers, etc.
•
Regularly scan system user accounts for unauthorized addition or modification of
user accounts for network services
•
Performing regular backups.
R
ULES
FOR
C
ONFIGURING
P
ACKET
F
ILTERS
A packet filter will not stop a concentrated network attack from exploiting service
protocol weaknesses, but it will stop the simplest Denial -of- service attacks.
These rules control the flow of several different kinds of packet through the
firewall. The point to be noted here is that rules are evaluated by firewall from first
to last.
The rules are:
•
ICMP Rules
•
IP Rules
•
UDP Rules
•
TCP Rules
Содержание OmniAccess 700
Страница 38: ...Left running head Chapter name automatic 12 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 176: ...Left running head Chapter name automatic 150 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 224: ...Per VLAN Spanning Tree Left running head Chapter name automatic 198 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 258: ...Port Monitoring Left running head Chapter name automatic 232 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 260: ...Left running head Chapter name automatic 234 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 296: ...T1E1 Line Card Left running head Chapter name automatic 270 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 360: ...Point to Point Protocol Left running head Chapter name automatic 334 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 434: ...Left running head Chapter name automatic 408 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 462: ...Common Classifiers Left running head Chapter name automatic 436 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 464: ...Left running head Chapter name automatic 438 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 534: ...Border Gateway Protocol Left running head Chapter name automatic 508 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 638: ...Left running head Chapter name automatic 612 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 762: ...Filter and Firewall Left running head Chapter name automatic 736 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 890: ...Transparent Firewall Left running head Chapter name automatic 864 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 940: ...Left running head Chapter name automatic 914 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 1000: ...Quality of Service Left running head Chapter name automatic 974 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 1002: ...Left running head Chapter name automatic 976 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 1044: ...DNS Domain Name Service Client Left running head Chapter name automatic 1018 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 1046: ...Left running head Chapter name automatic 1020 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 1058: ...Left running head Chapter name automatic 1032 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 1074: ...Lifeline Left running head Chapter name automatic 1048 Beta Beta CLI Configuration Guide Alcatel Lucent line con 0 end ...
Страница 1076: ...Left running head Chapter name automatic 1050 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 1118: ...Web Cache Server Left running head Chapter name automatic 1092 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 1120: ...Left running head Chapter name automatic 2 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 1140: ...QoS Values and Mnemonics Left running head Chapter name automatic 22 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 1156: ...IPsec Interoperability of OA 700 Left running head Chapter name automatic 38 Beta Beta CLI Configuration Guide Alcatel Lucent ...