Right now I have created one rule that says:
From:
External (WAN) (Address)
External (WAN) (Broadcast)
External (WAN) (Network)
Protocol Any
Destination Any
Action: DROP
Is that correct if I want to plug all external holes?
Also for IPS all I have in the LOCAL NETWORKS is: Internal (Network).
Here are the results of the pentest on a default firewall setting that comes right after install:
High Risk Vulnerabilities
1.3.6.1.4.1.25623.1.0.10496 Denial of Service : Imail Host: overflow
Medium Risk Vulnerabilities
1.3.6.1.4.1.25623.1.0.80091 General : TCP timestamps
1.3.6.1.4.1.25623.1.0.12213 General : TCP sequence number approximation
Low Risk Vulnerabilities
1.3.6.1.4.1.25623.1.0.11919 General : HMAP
Other Items to be Considered
1.3.6.1.4.1.25623.1.0.810003 General : Host Summary
1.3.6.1.4.1.25623.1.0.51984 General : Reverse DNS Lookup
1.3.6.1.4.1.25623.1.0.51662 General : Traceroute
1.3.6.1.4.1.25623.1.0.15588 Service detection : Detect Apache HTTPS
1.3.6.1.4.1.25623.1.0.103978 General : Checks for open udp ports
1.3.6.1.4.1.25623.1.0.10330 Service detection : Services
1.3.6.1.4.1.25623.1.0.10107 General : HTTP Server type and version
This thread was automatically locked due to age.
