[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: init.d startup sequence for shorewall



On Thu, Dec 12, 2002 at 04:18:17PM -0500, Raymond Wood wrote:
> There have been several responses to Yogesh's question, but none
> of them provide a clear and straightforward answer.  

Ok. Let me try again: this is a security risk. 

A gateway firewall _needs_ to be setup the following way:

0.- setup a default DROP policy, flush all policies
1.- startup network interfaces (but w/o forwarding)
2.- setup proper firewall rules
3.- enable forwarding

This makes sure that:

a.- the firewall cannot be attacked from the time the network is brought
up and the rules are setup (because of 0)

b.- the systems protected by the firewall cannot be attacked from the time
the network is brough up and forwarding is enabled (because 3 is done
_after_ 1 and _after_ 2)

	Clear enough now?
	Any firewall that does not startup this way is introducing a
security issue since the network (or the firewall) are _unprotected_ for
some time during startup (or when the firewall is restarted)

	Of course: IMHO, YMMV...

	Regards

	Javi

Attachment: pgpS0wOB8kzo4.pgp
Description: PGP signature


Reply to: