Re: My first firewall

To: debian-firewall@lists.debian.org
Subject: Re: My first firewall
From: "Arne P. Boettger" <apb@wohnheim.fh-wedel.de>
Date: Tue, 21 May 2002 18:08:58 +0200
Message-id: <[🔎] 20020521160858.GG10846@wohnheim.fh-wedel.de>
Mail-followup-to: apb, debian-firewall@lists.debian.org
In-reply-to: <[🔎] 000901c200db$ee3f9f60$6600a8c0@jamesdesktop>
References: <[🔎] OF1369631C.853F7577-ON86256BC0.0052A7D8@norlight.com> <[🔎] 000901c200db$ee3f9f60$6600a8c0@jamesdesktop>

On Tue, May 21, 2002 at 11:26:51AM -0400, James wrote:
> > In addition to plain ole iptables masquerade, I'd personally 
> > install squid, ntp, and bind.  You may as well use squid to 
> > get some benefit out of the 8 gig hard drive.  "Obviously" 
> > you want to dpkg --purge telnetd, etc.
> 
> BIND has been statistically one of the largest *nix exploits.  I would
> not recommend installing it on a firewall.

Well - if all you want to use it for is dns-cacheing then restrict
it to internal-only access and trust your users.

-- 
Ciao, Arne.
 ,``ò.                                                                   -o)
>(  ç@ GPG 1024D/913C2F81 2000-10-11 Arne P. Boettger <apb@createx.de>   /\\
 ',,,' Fingerprint = 6ED9 9A64 CD8A EB6F D841  0391 2F08 8F86 913C 2F81 _\_V


-- 
To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- Re: My first firewall
  - From: "Vince Mulhollon" <vlm@norlight.com>
- RE: My first firewall
  - From: James <james@james-web.net>

Prev by Date: Debian version of the Sentry firewall CD?
Next by Date: Re: Debian version of the Sentry firewall CD?
Previous by thread: RE: My first firewall
Next by thread: Re: My first firewall
Index(es):
- Date
- Thread