Malcolm:

Outbound refers to what protocols you allow the users behind the firewall to use. Generally with the Cube as your firewall, you will allow all outbound connections and deny all inbound connections except to the services that you want connected such as ports 21, 25, 80 and all ports in the range from 1025 to 65355.

NEVER allow an outside connection to 139, in fact don't run SMB if this is your firewall. That's just asking for trouble. With the cube, you can even make things worse yet by using it to authenticate your trusted network users under any circumstance!

Don't forget to include as the last line in the firewall a statement that denies all incoming to all destinations on all protocols.

-----Original Message-----
From: cobalt-security-admin@xxxxxxxxxxxxxxx [mailto:cobalt-security-admin@xxxxxxxxxxxxxxx] On Behalf Of Malcolm McLeary
Sent: Friday, March 17, 2000 11:46 PM
To: cobalt-security@xxxxxxxxxxxxxxx
Subject: [cobalt-security] Qube2 Firewall "feature"

Guys,

In the Cobalt Knowledge Base it says ...

>QuestionNum: 536
>Product: All
>Category Admin
>Creation Date: Tue Jul 06 12:04:20 1999 PDT
>
>Question
>What options are available for using a Cobalt product as an internet
>firewall?
>
>Response
>The Qube2 features IP firewalling, which is a simple form of a firewall,
>whereby the Qube2 begins to process a packet and determine whether or not
>it came from an acceptable IP address. This is not a fully functional
>firewall, and should not be considered such.
>
>A firewall is a group of related programs that protects a network's
>resources from users from other networks. This is usually accomplished by
>running such software on a dedicated machine, separate from the other
>machines in an organization's intranet. Using the Qube 2 as a firewall
>could compromise your security, as it is your server. Such a situation
>would expose your network resources to outside users.

So if I read this right, although the feature is called a firewall, it isn't and Cobalt recommend NOT to use it.

So why include it at all? Can it serve any purpose?

I am looking at a situation where NAT is being used so the only "visible" host will be the Qube2. It appears to me that it can only filter packets destined to itself, hence you could restrict external access to Qube2 based services while still permitting internal access to the same services.

>QuestionNum: 735
>Product: Qube2
>Category Admin
>Creation Date: Mon Jan 31 13:43:50 2000 PST
>
>Question
>Does the Qube have any kind of firewall that allows me to limit those who
>can gain access to the data on the Qube or access to the internal network?
>
>Response
>Our Qube has a firewall. You can setup your own firewall rules for
>your server.
>
>Here is a good tool to use to setup firewall rules:
>http://www.cobalt.com/support/tools/firewall.html

This looks like a useful tool if you need to configure the Qube2 Firewall, but I'm not sure I understand the purpose of "outbound". Can it be used to limit access to outside services or just to Qube2 services?

Cheers,
Malcolm

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Information Alchemy Pty Ltd    ACN 089 239 305
Canberra, Australia
Malcolm McLeary                Mobile: 0412 636 086
Managing Director              Email: mim@xxxxxxxxxx

This message was sent using Claris Emailer 2.0v3 for Macintosh.

_______________________________________________
cobalt-security mailing list
cobalt-security@xxxxxxxxxxxxxxx
http://list.cobalt.com/mailman/listinfo/cobalt-security
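
An added example, not part of the original thread or of Cobalt's software: a first-match rule evaluator in Python that encodes the inbound/outbound policy described in the reply above and reports what it admits. It is a TCP-only model; the `Packet`/`Rule` types, the probe names, the accept-when-nothing-matches default, and the `REPLIES_ONLY` variant (which goes beyond the thread by accepting the high-port range only for packets that do not open a new connection) are assumptions made for illustration.

```python
from typing import NamedTuple, Optional, Tuple

class Packet(NamedTuple):
    direction: str  # "in" or "out", as seen on the outside interface
    dport: int      # destination port
    syn: bool       # True for the first packet of a new TCP connection

class Rule(NamedTuple):
    action: str                       # "accept" or "deny"
    direction: str                    # "in", "out" or "any"
    ports: Optional[Tuple[int, int]]  # inclusive port range, None = all ports
    new_conn: Optional[bool] = None   # hypothetical: match only SYN / non-SYN

    def matches(self, p: Packet) -> bool:
        if self.direction not in ("any", p.direction):
            return False
        if self.ports and not self.ports[0] <= p.dport <= self.ports[1]:
            return False
        return self.new_conn is None or self.new_conn == p.syn

def decide(rules, packet, default="accept"):
    """First matching rule wins; `default` (assumed) applies if none match."""
    for rule in rules:
        if rule.matches(packet):
            return rule.action
    return default

# Constructed encoding of the policy described in the reply, in order.
AS_DESCRIBED = [
    Rule("accept", "out", None),
    Rule("accept", "in", (21, 21)),
    Rule("accept", "in", (25, 25)),
    Rule("accept", "in", (80, 80)),
    Rule("accept", "in", (1025, 65355)),
    Rule("deny", "any", None),  # the "last line" deny-all
]
# Assumed variant: high ports only for packets that do not open a connection.
REPLIES_ONLY = [r._replace(new_conn=False) if r.ports == (1025, 65355) else r
                for r in AS_DESCRIBED]

def audit(rules):
    probes = {  # constructed sample packets
        "smb-139": Packet("in", 139, True),
        "web-80": Packet("in", 80, True),
        "new-conn-3306": Packet("in", 3306, True),
        "reply-40000": Packet("in", 40000, False),
        "outbound-443": Packet("out", 443, True),
    }
    return {name: decide(rules, p) for name, p in probes.items()}
```

Comparing `audit(AS_DESCRIBED)` with `audit(REPLIES_ONLY)` shows which inbound connections depend on the wide high-port rule, and dropping the final rule shows what the trailing deny-all is protecting.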