> -----Original Message----- > From: CertaintyTech [mailto:[EMAIL PROTECTED] > Sent: Monday, August 25, 2003 11:25 AM > To: Dallas L. Engelken; 'ML qmail-scanner' > Subject: RE: [Qmail-scanner-general]Worm.Sobig.F > > > Shouldn't the last entry in the access-list be: > > access-list 102 permit ip any any > > Otherwise all other traffic will be blocked. >
yes, if your company policy is to open everything and close what you dont want in/out. if it's the other way around, you can skip adding access-list 102 deny tcp 10.1.1.0 0.0.0.255 any eq 25 and continue adding your access rules for services you allow, then follow up with a access-list 102 deny ip any any d ------------------------------------------------------- This SF.net email is sponsored by: VM Ware With VMware you can run multiple operating systems on a single machine. WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the same time. Free trial click here:http://www.vmware.com/wl/offer/358/0 _______________________________________________ Qmail-scanner-general mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general
