Re: Linux - DNS/WWW/POP
Hello,
ktb wrote:
> > Can I have one Linux box working as my name server, web server, proxy server, mail server, and ftp?
> >
>
> Yes you can do that. Where I work the policy is one main service per
> server for security and performance reasons. If this box is for home
A related question: Can I have a box serve both as a server (DNS, mail,
proxy, web, ...) for the local network _and_ as a firewall for the local
network at the same time?
I will soon have a DSL flat rate and plan to be online all the time.
However, to protect my boxen from stupid script kiddies, I want to have
only one port open to the internet, and that is SSH. On the other hand
I want to have all the other ports open on the local net, because I
don't risk anybody cracking the box, it will only be my roommates.
So, is this possible? Only SSH open on one interface and all the rest
restricted to the local interface? Does netfilter in 2.4 help? (I
haven't read up on it, but I heared, that it's stateful firewalling.)
The alternative would be having one box serve as a dedicated firewall (I
figure, my old 486DX/33 with 8MB will do it) and another box serve as a
local server. This has the advantage, that, if I screw up and my server
goes down, I still have internet access. On the other hand, it's
another box consuming energy, and I like to avoid that as much as
possible (for both financial and environmental reasons).
Thoughts?
TIA,
Viktor
--
Viktor Rosenfeld
WWW: http://www.informatik.hu-berlin.de/~rosenfel/
Geek Code (3.1):
GCS/SS d-@ s+: a20 C++@ UL++$ P+ L+++ E--- W++ N++ o? K? !W O? M? V?
PS++@ PE+(-) Y+ P?(+++) t+ 5+ X- R? !tv b+ DI+ D- G e>+++ h-- r- !y+
Reply to: