First page Back Continue Last page Summary Graphic
You need to determine, in broad terms, your security posture.
Consider the purpose of the machine. A public ftp server will generally have looser security than a firewall.
In broad terms, this posture will fall into one of two categories:
Everything not specifically denied is implicitly allowed.
Everything not specifically allowed is implicitly denied.
I prefer the latter option, as it is more secure.