<<< Chronological Index >>>    <<< Thread Index >>>

Re: FYI: checklist for filtering


On Tue, 25 Jul 2000, Rene Wilhelm wrote:

> Something for our (in- or external ?) FAQ:
> 
> Q. What kind of access do TTM boxes need to/from the outside world
> 
> A. We require the following:
> 
>      TCP
> 	- outgoing mail (SNMP)  
> 	- incoming SSH  (from 193.0.0.0/23)
> 
>      UDP
> 	- incoming/outgoing DNS         (local resolver)
>         - incoming/outgoing TestTraffic (today port 6000)
> 
> 
> Q. Host changed access policy, how to check if things work OK?
> 
> A. Check the following:
> 
> 	- RCDP data files continue to collect data
>         - other boxes continue to receive data from this box 
>         - operational mails still arrive at tt-ops@ripe.net
>         - the local named can resolve DNS queries 
>           (try "host tt01 127.0.0.1" and "host tt01 193.0.0.198")
> 
> -- Rene
> 
> 
> P.S. If I've overlooked something, feel free to add.

NTP from/to port 23

Some of this is in the old RIPE179, but I've added this to the FAQ.




Henk



------------------------------------------------------------------------------
Henk Uijterwaal                    Email: henk.uijterwaal@ripe.net
RIPE Network Coordination Centre     WWW: http://www.ripe.net/home/henk
Singel 258                         Phone: +31.20.535-4414,  Fax -4445
1016 AB Amsterdam                   Home: +31.20.4195305
The Netherlands                   Mobile: +31.6.55861746  
------------------------------------------------------------------------------

A man can take a train and never reach his destination.
                                               (Kerouac, well before RFC2780).






<<< Chronological Index >>>    <<< Thread Index >>>