Solved

3 Com Super Stack Firewall

Posted on 2004-03-23
2
208 Views
Last Modified: 2013-11-16
We have a 3 com super stack firewall at work

I have a basic knowledge of setting up the firewall which has been completed and working well.

What are good default policies that every firewall should have in place for Blocking certain ports, key words, websites and so on
.

Thanks in adavnce

Mark
0
Comment
Question by:ellandrd
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 23

Assisted Solution

by:Tim Holman
Tim Holman earned 200 total points
ID: 10657762
Allow these ports out:

80 (http)
443 (https)
53 (dns)
25 (if you host your own mailserver)
110 (if you use an ISP's POP3 mailserver)

..and NOTHING in, except 25 if you host your own mailserver.

A good start is to allow everything out, but NOTHING in.
0
 
LVL 4

Accepted Solution

by:
hawgpig earned 300 total points
ID: 10657797
The 3 com super stack is like all other firewalls...
I will not allow initial connections from the outside world...
but will allow all from the inside to initiate a connection....
unless you plan on tranlsating a web to the outside world the default config will work fine for what you are trying to do.....
The 3com has the capablilty of doing web filtering by keyword....or web site.....
This is great for home use....but I have found it a serious Pain for business use.....I get a lot of calls from clients that can't get to a particular website because of a single swear word.....
So just a word to the wise.....if you decide to use web filtering on the 3com.....be aware you may end up chasing some ghosts once in a while...
Sounds like you have it under control...
Good Luck
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question