On Tue, 12 Sep 1995, Jay 'Whip' Grizzard wrote: > ObBugTraq: Apparently (at least, under limited testing), putting up a filter > to prevent folks from getting to your login port from the outside world > will protect you -- Except I don't _want_ to have to start filtering things > out, and in some circuimstances (backbone routers, etc), it's not exactly > a viable option. Do YOU want to have the bandwith of several T1's all > running through a filter before they get off the router? No, thanks... Unless you can cite any actual benchmarks that demonstrate measurably lower throughput when filters are in use I would be inclined to dismiss this particular objection as uninformed speculation. Packet filtering based on specific, concisely encoded rules is a relatively old and fairly well understood problem, and I doubt the additional overhead would be significant at even the T1 level.. especially for a filter as simple as Livingston's recommended work-around. If you are having trouble setting up your filters (it's well known that that section of the manual is clear as mud) querying Livingston technical support, or the portmaster-users mailing list, would likely be of more help to you and the rest of the world than spreading misinformation.