[2034] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

[linux-security] IP Filters and Masq for Linux

daemon@ATHENA.MIT.EDU (Mailing Lists)
Fri Aug 7 02:33:24 1998

Date: Thu, 06 Aug 1998 14:09:42 -0400
To: linux-security@redhat.com
From: Mailing Lists <mlist@almerco.ca>
In-Reply-To: <001b01bdc0a3$9cf8df80$0101a8c0@shumira.seifried.org>
Resent-From: linux-security@redhat.com
Resent-Reply-To: linux-security@redhat.com

Hi, I have some questions concerning the ipfwadm and RedHat.

I'm building a firewall for a small cie, and propose using a bare RedHat
5.1 (without any mean to connect to it, except through sshd) and have it
acting as a firewall between the DMZ and the internal network.  I plan to
do this only using the ipfwadm utility (IP filtering + masquerading).  No
redirs inside the internal network, and permissions for everyone inside to
contact anyone outside.  No java, activex or javascript filtering.

What are the downs/ups of such a config.  How could someone gain access to
a computer inside the firewall, is there any way?  (most are NT Wks 4.0 in
PDC BDC environment)

Anything I should pay special attention?  I'm planning to use a logchecker
and tripwire to report anything unusual.

Any comments will be appreciated.

If someone else is interested, I'll post a resume of all the answers I'll
be getting to the list.

Thanks!

-- 
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------

To unsubscribe:
  mail -s unsubscribe linux-security-request@redhat.com < /dev/null


home help back first fref pref prev next nref lref last post