Solved

3 Com Super Stack Firewall

Posted on 2004-03-23
2
209 Views
Last Modified: 2013-11-16
We have a 3 com super stack firewall at work

I have a basic knowledge of setting up the firewall which has been completed and working well.

What are good default policies that every firewall should have in place for Blocking certain ports, key words, websites and so on
.

Thanks in adavnce

Mark
0
Comment
Question by:ellandrd
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 23

Assisted Solution

by:Tim Holman
Tim Holman earned 200 total points
ID: 10657762
Allow these ports out:

80 (http)
443 (https)
53 (dns)
25 (if you host your own mailserver)
110 (if you use an ISP's POP3 mailserver)

..and NOTHING in, except 25 if you host your own mailserver.

A good start is to allow everything out, but NOTHING in.
0
 
LVL 4

Accepted Solution

by:
hawgpig earned 300 total points
ID: 10657797
The 3 com super stack is like all other firewalls...
I will not allow initial connections from the outside world...
but will allow all from the inside to initiate a connection....
unless you plan on tranlsating a web to the outside world the default config will work fine for what you are trying to do.....
The 3com has the capablilty of doing web filtering by keyword....or web site.....
This is great for home use....but I have found it a serious Pain for business use.....I get a lot of calls from clients that can't get to a particular website because of a single swear word.....
So just a word to the wise.....if you decide to use web filtering on the 3com.....be aware you may end up chasing some ghosts once in a while...
Sounds like you have it under control...
Good Luck
0

Featured Post

Retailers - Is your network secure?

With the prevalence of social media & networking tools, for retailers, reputation is critical. Have you considered the impact your network security could have in your customer's experience? Learn more in our Retail Security Resource Kit Today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question