RE: Firewall Related Question
Yes, you could definitely do a firewall on each server.
Also, have you considered setting up a 4th machine between the Cisco and 3
servers? That could work also. You wouldn't make it a masq box, just
configure it to pass packets based on the rules.
From: Alson van der Meulen [mailto:firstname.lastname@example.org]
Sent: Monday, October 22, 2001 6:58 AM
To: Debian Security List
Subject: Re: Firewall Related Question
On Mon, Oct 22, 2001 at 12:44:03PM +0200, eim wrote:
> I've got some simple questions related to using a Firewall on
> some single pubblic Debian Boxes, I choose to post my questions
> here because I've always securitty in mind during the Developing
> time of my Network Services.
> Let me asume I've got a simple Network with 3 Pubblic Debian
> Servers and 1 Cisco Router (Internet Gateway).
> The router belongs to my Connection ISP so I can't configure it,
> but onlu use it for Internet connectivity.
> The 3 Debian Boxes are under my full control.
> The best way to protect my Debian Servers would be to install
> a Firewall on my Gateway (Cisco Router) but actually I can't,
> so my question is: Can I install a Firewall on each of my Debian
> Boxes to filter/block incoming and outgoing Network Traffic ?
> Is this a good choice ? or should I put another machine in my
> Network, between the Gateway and the Servers, which acts as Firewall ?
You can just configure a packet filter on all your servers, the main
disadvantage is that it's more difficult to administer
To UNSUBSCRIBE, email to email@example.com
with a subject of "unsubscribe". Trouble? Contact