[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Accessing machines behind a firewall

Hmmm.  You should still be able to do all that with the Linux Router
Project disk, eliminating the hard disk.  Just point the logging via
syslog to another internal machine. 

I've had too many drives fail on me to really want to trust them to a
"turn it on and leave for a year" type machine.  The floppy solution works
very very well - I have it in use in a couple of places with a perfect
record so far.

On Wed, 17 Mar 1999, Bryan Andersen wrote:

> Dean Carpenter wrote:
> > 
> > Best of all, of course, would be a Debian/Linux firewall.  Any cheap old
> > 486 laying around with 2 nics and a floppy would do the trick.  Take a
> > look at (sorry, don't have the URLs handy)
> > 
> >         Linux Router Project
> >         Secure-the-Net
> >         Edge
> I'll admit my firewall isn't that simple, but then I'm also doing port
> forwarding via IPPORTFW, logging of connection requests, and a few other 
> things.  I have a 2.2 kernel with IPCHAINS masqueradinging and IPPORTFW 
> IP port forwarding enabled in it.  That, three NICs and small hard
> disk.  
> This provides me with a classic DMZ network for the WWW server, and a 
> local network that can't be directly accessed from outside in any form.  
> The good thing about this setup is that you can easily setup the
> firewall
> machine so it has no reachable services running on it, thus allowing for
> greater security.

Dean Carpenter		deano@areyes.com			94TT :)
Areyes, Inc.		Dean.Carpenter@pharma.com

"No matter where you go, there you are"  sayeth Buckaroo 								 across the Eighth Dimension

Reply to: