RE: Firewall and Mailserver questions - suggestions wanted.

To: <debian-user@lists.debian.org>
Subject: RE: Firewall and Mailserver questions - suggestions wanted.
From: Bengt Thurée <bengt@zag.att.ne.jp>
Date: Thu, 7 Aug 2003 22:55:17 +0900
Message-id: <[🔎] 022e01c35ceb$8bbc76c0$0214a8c0@WinXP>
In-reply-to: <[🔎] 20030807032146.GC6818@ursine.ca>

Thanks for the various suggestions...
Appreciate it a lot, and now I am busy doing a lot of reading...
and then off to the second hand computer stores.... :)))

Thanks

/Bengt

-----Original Message-----
From: Paul Johnson [mailto:baloo@ursine.ca] 
Sent: Thursday, August 07, 2003 12:22
To: debian-user@lists.debian.org
Subject: Re: Firewall and Mailserver questions - suggestions wanted.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wed, Aug 06, 2003 at 09:01:31PM +0900, Bengt Thur?e wrote:
> web cache:			squid
> Ad removal:			privoxy

I recommend adzapper over privoxy, adzapper's easy to set up, easy to
maintain.

> miscelaneous:		dns, ntp, seti

Don't run seti on your firewall, best to leave it unburdened.

> 1) Is this a good setup? Or overkill? total maybe 10 persons 
> 	to use mailserver in the beginning.

It'll be easier and cheaper to configure and maintain if you make the box a
firewall that just happens to be providing a few services. You'll still be
better off than one of those Linksys boxes and way better than than a
Windows box.

> 3) On which computer should the squid, privoxy, and apt-proxy be
> 	running? On outerfirewall or on webserver? Or should I 
> 	have a dedicated computer for this?

If you're going to take the time and effort to have a DMZ sandwiched between
two firewalls, might as well do it right and not run anything on the
firewalls.

> 4) Is there any idea of having a dedicated logserver?

Probably overkill here.

> 5) Mail server and web server? Should this be in the same
> 	computer, or separate? More secure if they are in separate?

Unless we're talking thousands of users here, one box is fine for both.

> 6) Should I have the security stuff also on the dmz area?

?

> 7) Is it recommended to configure cron-apt to run once a day,
> 	and only install the security updates?

Not recommended that you have it automate installation.

- -- 
 .''`.     Paul Johnson <baloo@ursine.ca>
: :'  :    proud Debian admin and user
`. `'`
  `-  Debian - when you have better things to do than fix a system
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/McXKsClmdIs2Ki8RAjkPAKCAswrlXz3JeOiJ0iQnohkXEZV29QCeJKJ4
hd+inRKKAhI/8VAkyct9zgc=
=K7ya
-----END PGP SIGNATURE-----

-- 
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org

Reply to:

References:
- Re: Firewall and Mailserver questions - suggestions wanted.
  - From: Paul Johnson <baloo@ursine.ca>

Prev by Date: Re: Newbie Modem Q
Next by Date: Mailserver suggestions?
Previous by thread: Re: Firewall and Mailserver questions - suggestions wanted.
Next by thread: Debian way to make lmsensors working with kernel 2.6 ?
Index(es):
- Date
- Thread