[2034] in linux-security and linux-alert archive
[linux-security] IP Filters and Masq for Linux
daemon@ATHENA.MIT.EDU (Mailing Lists)
Fri Aug 7 02:33:24 1998
Date: Thu, 06 Aug 1998 14:09:42 -0400
To: linux-security@redhat.com
From: Mailing Lists <mlist@almerco.ca>
In-Reply-To: <001b01bdc0a3$9cf8df80$0101a8c0@shumira.seifried.org>
Resent-From: linux-security@redhat.com
Resent-Reply-To: linux-security@redhat.com
Hi, I have some questions concerning the ipfwadm and RedHat.
I'm building a firewall for a small cie, and propose using a bare RedHat
5.1 (without any mean to connect to it, except through sshd) and have it
acting as a firewall between the DMZ and the internal network. I plan to
do this only using the ipfwadm utility (IP filtering + masquerading). No
redirs inside the internal network, and permissions for everyone inside to
contact anyone outside. No java, activex or javascript filtering.
What are the downs/ups of such a config. How could someone gain access to
a computer inside the firewall, is there any way? (most are NT Wks 4.0 in
PDC BDC environment)
Anything I should pay special attention? I'm planning to use a logchecker
and tripwire to report anything unusual.
Any comments will be appreciated.
If someone else is interested, I'll post a resume of all the answers I'll
be getting to the list.
Thanks!
--
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------
To unsubscribe:
mail -s unsubscribe linux-security-request@redhat.com < /dev/null