On Thu, Dec 12, 2002 at 04:18:17PM -0500, Raymond Wood wrote: > There have been several responses to Yogesh's question, but none > of them provide a clear and straightforward answer. Ok. Let me try again: this is a security risk. A gateway firewall _needs_ to be setup the following way: 0.- setup a default DROP policy, flush all policies 1.- startup network interfaces (but w/o forwarding) 2.- setup proper firewall rules 3.- enable forwarding This makes sure that: a.- the firewall cannot be attacked from the time the network is brought up and the rules are setup (because of 0) b.- the systems protected by the firewall cannot be attacked from the time the network is brough up and forwarding is enabled (because 3 is done _after_ 1 and _after_ 2) Clear enough now? Any firewall that does not startup this way is introducing a security issue since the network (or the firewall) are _unprotected_ for some time during startup (or when the firewall is restarted) Of course: IMHO, YMMV... Regards Javi
Attachment:
pgpFBHvOx_czS.pgp
Description: PGP signature