Security Basics mailing list archives
Re: firewall setup
From: Nelson Santos <nsantos () gmail com>
Date: Wed, 7 Jul 2004 16:31:59 -0300
Hi Ognen, you sure can. If you're using a Linux firewall I suggest leaving the DNS as it is and put all the IP addresses in the Linux box. Then use IPTables NAT functions to link the real IPs to the real servers. You will have some complications if you're using virtual hosts, but nothing you can't solve. If you want a quick-n-dirty solution try gShield. Just follow the installation instructions and then configure the "/conf/forwards" file. Use the software docs for more specific instructions. You can do the same with Windows/ISA Server. ISA can even do a high level heather based redirection (like www.x.com and www.y.com have the same IP but go to different machines). This is something I don't think IPTables can do. Hope that gives you some directions, Nelson Santos On Wed, 7 Jul 2004 14:33:16 +0000 (UTC), Ognen Duzlevski <maketo () sdf lonestar org> wrote:
Hi, I have a basic question: we have several boxes with unique public IP addresses which are part of a big .edu namespace. I would like to put these machines behind one single firewall and still keep their names. Is it possible to have all names point to the firewall machine and then have the firewall direct the specific request to a specific box behind it? So, if F is firewall.x.edu and I have A.x.edu, B.x.edu and C.x.edu I want to have A, B and C behind F. A, B and C should now point to F and F will direct all outside requests to A, B or C based on the name. Thanks, Ognen --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
--------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- firewall setup Ognen Duzlevski (Jul 07)
- Re: firewall setup Salvador Sosa (Jul 07)
- RE: firewall setup David Gillett (Jul 07)
- RE: firewall setup Ognen Duzlevski (Jul 07)
- RE: firewall setup Somnus (Jul 08)
- Re: firewall setup Dave Dearinger (Jul 08)
- Re: firewall setup Nelson Santos (Jul 08)
- <Possible follow-ups>
- RE: firewall setup MARTIN M. Bénoni (Jul 08)