does anyone know much about Gnat Box?

Status
Not open for further replies.

PalmStrike

Technical User
Jul 31, 2002
197
GB
Hi, we have a small network here, 2 NT4 servers, and a bunch of 98 and 95 PCs, and we have a Gnat box firewall which is like a box of its own. I have been told that it is very good, and I am under the impression that it could be very flexible too, but know nothing of firewalls at the moment. I have just been going through the threads here to learn a bit while our email server defrags.

Plus, I am quite concerned that even if it is a fine firewall, I could bet that it is not configured even slightly sensibly. Are there specific ports that I should be aware of that act like a big old welcome mat?
 
I think you mean NAT (Network Address Translation) not gnat which could be almost any OS acting solely as a firewall/router....

Please let me know if I am wrong in my assumption

 
Guru-
No, GNAT is a vendor. They make hardware firewalls I think.

PalmStrike -
Little lesson on firewall configuration. You do not just block ports that are 'dangerous'. You block everything, then just open the ports your company needs. For generic internet access you'd open outbound ports 80 (http), 443 (https), 21 (ftp), and maybe 53 (dns queries; depends how your DNS is set up).
That's just best practice.
[smile]


 
Hi there.
GNAT is a good firewall.
It's especially nice because it boots from a floppy & can really run on any old piece of junk box.

I have to admit that I haven't touched GNAT for a couple of years, but I think that I can answer your question.

General practice with firewalls is:
Open what's necessary and deny all else

This means that you should set up rules to open the necessary ports and then to deny all other incoming traffic.

Your firewall rules should be in accordance with the corporate security policy. In very general terms, though, many companies have the following ports open for incoming traffic:
80 for access to the web server
443 for secure access to the web server
21 for access to the FTP server
25 for incoming email

Of course, these are common and are not indicative of all businesses. The ports that you open should be dictated by your corporate security policy.

Here is a hypertext link to the official document of all the common port numbers:


Hope that helps


------------
Bill
Consultant / Network Engineer
CNE, CCNA
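
The "open what's necessary and deny all else" advice in the replies above, as an added example that is not part of the original thread: a generic first-match rule model (not GNAT Box configuration syntax) that compares a "block the risky ports" rule set with an allow-list followed by deny-all. The `Rule` class, the blocked ports 23 and 139 and the probe list are constructed for illustration; the allowed ports are the ones named in the thread.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str           # "allow" or "deny"
    direction: str        # "in" or "out"
    proto: Optional[str]  # "tcp", "udp", or None for any protocol
    port: Optional[int]   # destination port, or None for any port

    def matches(self, direction, proto, port):
        return (self.direction == direction
                and self.proto in (None, proto)
                and self.port in (None, port))

def decide(rules, direction, proto, port, implicit="allow"):
    """First matching rule wins; `implicit` applies when nothing matches."""
    for rule in rules:
        if rule.matches(direction, proto, port):
            return rule.action
    return implicit

def exposed_inbound(rules, ports, implicit="allow"):
    """Inbound TCP ports from `ports` that the rule set lets through."""
    return [p for p in ports if decide(rules, "in", "tcp", p, implicit) == "allow"]

def missing_default_deny(rules):
    """Directions whose last rule is not a catch-all deny."""
    missing = []
    for direction in ("in", "out"):
        own = [r for r in rules if r.direction == direction]
        if not (own and own[-1] == Rule("deny", direction, None, None)):
            missing.append(direction)
    return missing

# Constructed policy A: deny a few ports someone judged risky, allow the rest.
BLOCKLIST = [Rule("deny", "in", "tcp", p) for p in (23, 139)]

# Constructed policy B: the ports named in the thread, then deny everything else.
DEFAULT_DENY = (
    [Rule("allow", "in", "tcp", p) for p in (80, 443, 21, 25)]
    + [Rule("allow", "out", "tcp", p) for p in (80, 443, 21)]
    + [Rule("allow", "out", "udp", 53)]
    + [Rule("deny", "in", None, None), Rule("deny", "out", None, None)]
)

# Constructed probe list: services that might be listening on internal hosts.
PROBES = [21, 23, 25, 80, 139, 443, 1433, 8080]
```

Calling `exposed_inbound(BLOCKLIST, PROBES)` shows that the blocklist still passes every port nobody thought to list, while `DEFAULT_DENY` passes only the four inbound ports it names, whatever the device's implicit behaviour is.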
 
Yes, thanks for your response. I think that is what we have here, but to be brutally honest, I am our corporate security policy, and I am trying to secure the network as the boss set it up about 3 years ago, but is unaware of how it actually works. Hence, I have found huge holes internally, and just wanted to get an idea if there are any externally. Thanks for your help.

Kind regards
Rob
 