Security Planning

You need to determine, in broad terms, your security posture.

Consider the purpose of the machine. A public ftp server will generally have looser security than a firewall.

In broad terms, this posture will fall into one of two categories:

Everything not specifically denied is implicitly allowed.

Everything not specifically allowed is implicitly denied.

I prefer the latter option, as it is more secure.