Old Content
This content is old! It’s still useful, but it’s old, and there may be bit rot, newer/better tools or ways to do things. Sanity check and do your research.
This is the companion page for my Firewall Rule Base Best Practices document. I have listed all the resources I would otherwise have put at the bottom of the document. In this way, I hope to keep them current, and to add new material when I find it without having to revise the original document. If I have written it correctly, it should need little revision as time passes and technology changes. We’ll see.
Update 2003-01-27
When I started this document in the late 1990s, I was an InfoSec consultant working with firewalls on a day-to-day basis. That is not my day job anymore, and I have not found a great deal of time to devote to it. In addition I have since moved on, and I do not work with firewalls much in my current role.
I have been surprised at the number of requests that I get for this draft, and I apologize to all those who I’ve kept waiting though my lack of time. Thus, I am making this draft directly available on the Internet in the hope that it will be useful. I disclaim any and all liability-use it at your own risk.
If you would like to take over the maintenance of this document, let me know at JPATjpsdomainDOTorg .
Best Practices
- Firewall Rule Base Best Practices.doc (last updated 2003-12-31)
- 12 Tips on Building Firewalls by D. Brent Chapman, Elizabeth D. Zwicky, Simon Cooper 07/01/2000
Resources
See also my Security Tools page.
- ACK Tunnel through a Firewall
- Internet Firewalls FAQ
- Commercial Firewalls
- Internet Firewall Essentials
- CSI Firewall Archives
-
Security Related Port List
- See also: Port Databases
Old Content
This content is old! It’s still useful, but it’s old, and there may be bit rot, newer/better tools or ways to do things. Sanity check and do your research.