Re: Hardening a firewall box
On Sat, Jan 08, 2000 at 08:19:14PM -0500, Dirk Eddelbuettel wrote:
> -- do we have a basic "hardening howto" document ?
Not yet. :)
I'm in the process of building up a set of proxies for our firewall,
and I will document what all I did to help harden the boxen.
> -- how do keep services like time, talk, ... accessible "inside" (ie on eth1
> on 192.168.1.*) but _not_ to the outside world on eth0 ?
I'm not sure, but doesn't xinetd allow binding to different addresses?
Or, you can make a set of ipchain rules to do this...
Tim
--
(work) sailer@bnl.gov / (home) tps@buoy.com - http://www.buoy.com/~tps
"It's easy to make a buck. It's a lot tougher to make a difference."
- Tom Brokaw
** Disclaimer: My views/comments/beliefs, as strange as they are, are my own.**
Reply to: