Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!usc!wuarchive!zaphod.mps.ohio-state.edu!sol.ctr.columbia.edu!cunixf.cc.columbia.edu!cs.columbia.edu!close.columbia.edu!ji
From: ji@close.columbia.edu (John Ioannidis)
Newsgroups: comp.protocols.tcp-ip
Subject: Re: Reducing the risks when connecting to an internet
Message-ID: <1990Nov26.101009.9680@cs.columbia.edu>
Date: 26 Nov 90 10:10:09 GMT
References: <9011260544.AA01255@ucbvax.Berkeley.EDU>
Sender: news@cs.columbia.edu (The Daily News)
Reply-To: ji@cs.columbia.edu
Organization: Columbia University Department of Computer Science
Lines: 22

In article <9011260544.AA01255@ucbvax.Berkeley.EDU> damian@SRLVX0.SRL.FORD.COM ("Jerry Damian") writes:
>In article <3768@stl.stc.co.uk> neil@stc.co.uk is looking for a way to
>filter on specific IP services such as TELNET, SMTP, FTP, etc. 
>
>You can use Cisco routers to do this quite effectively. You can use their
>extended access controls to filter on source and destination address as
>well as port number. However, be aware that the Cisco ability to process

And remember that this should only be a temporary measure, while you
plug holes in your individual hosts. Do not get lulled into a false
sense of security. Protections and security should be enforced at the
host level. If you suspect that your networking daemons are buggy, get
your vendors (or your systems programmer) to fix them. 

/ji

PS: Hi Phil!

In-Real-Life: John "Heldenprogrammer" Ioannidis
E-Mail-To: ji@cs.columbia.edu
V-Mail-To: +1 212 854 8120
P-Mail-To: 450 Computer Science \n Columbia University \n New York, NY 10027