STEALTH RULE

Unanswered Question
Feb 25th, 2008

Purpose - deny access to the firewall (save for specific exceptions). I always thought that if you specified some telnet hosts on the inside and SSH ones on the outside that "it was implicit" that no other access could be made via these protocols. But to stealth the box should one actually ALSO have an ACL that says effectively, "permit specific telnet hosts tcp to access inside interface eq 23" and similar for SSH hosts on the outside hosts - thus implicitly denying all others this access?

Overall Rating: 5 (1 ratings)
cdusio Thu, 02/28/2008 - 17:33

The way it works is if you specify hosts that can connect, all others are denied unless specifically allowed. You won't even be allowed to get a prompt.
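The allow-list behaviour described in the reply above, modelled as an added example (not code from the thread or from the vendor): it assumes Cisco PIX/ASA-style `telnet`/`ssh <ip> <mask> <interface>` management lines, and the sample addresses and function names are constructed for illustration. It also flags entries broad enough to undo the restriction.

```python
import ipaddress

# Constructed sample in assumed PIX/ASA syntax; addresses are made up.
SAMPLE_CONFIG = """\
telnet 10.1.1.10 255.255.255.255 inside
telnet 10.1.2.0 255.255.255.0 inside
ssh 203.0.113.5 255.255.255.255 outside
ssh timeout 5
telnet timeout 5
"""

def parse_mgmt_rules(config):
    """Return [(protocol, network, interface)] from 'telnet|ssh <ip> <mask> <if>' lines."""
    rules = []
    for line in config.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[0] not in ("telnet", "ssh"):
            continue  # e.g. 'ssh timeout 5' is a setting, not a permitted host
        try:
            net = ipaddress.ip_network(f"{parts[1]}/{parts[2]}", strict=False)
        except ValueError:
            continue  # four-word line that is not an address/mask pair
        rules.append((parts[0], net, parts[3]))
    return rules

def mgmt_allowed(rules, protocol, source_ip, interface):
    """True only if a rule names this source; no matching rule means denied."""
    src = ipaddress.ip_address(source_ip)
    return any(p == protocol and i == interface and src in n
               for p, n, i in rules)

def broad_rules(rules, max_hosts=256):
    """Flag entries that admit more than max_hosts source addresses."""
    return [r for r in rules if r[1].num_addresses > max_hosts]

if __name__ == "__main__":
    rules = parse_mgmt_rules(SAMPLE_CONFIG)
    for proto, ip, ifc in [("telnet", "10.1.1.10", "inside"),
                           ("telnet", "10.1.3.7", "inside"),
                           ("ssh", "198.51.100.9", "outside")]:
        verdict = "allowed" if mgmt_allowed(rules, proto, ip, ifc) else "denied"
        print(f"{proto} from {ip} on {ifc}: {verdict}")
    print("overly broad entries:", broad_rules(rules))
```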
