Firewall Wizards mailing list archives
RE: Linux Firewall - Bob's Experiment
From: "Baxter, John" <JHB () cbsnews com>
Date: Wed, 8 Aug 2001 11:19:38 -0400
I see you're running your IPless box between LAN and NAT box - wouldn't it be better between the NAT box and the outside world? eg LAN --- NAT --- IPless box ----- Internet John Baxter -----Original Message----- From: Bob Washburne [mailto:rcwash () concentric net] Sent: 08 August 2001 14:05 To: rob.roberson () verizon com Cc: firewall-wizards () nfr com Subject: Re: [fw-wiz] Linux Firewall - Bob's Experiment Linux is usable, but my personal prefferance is http://www.openbsd.org/ which is a battle hardened unix clone. I am developing a system for my home as an experiment: -) i486 running OpenBSD as a gateway/NAT to the Internet. Everything else other than NAT stripped off the system (can't hack what ain't there). -) P166 running OpenBSD as a bridge/firewall/IDS between the NAT and the LAN (a bridge doesn't have an IP address. Can't hack what you can't see.) -) LAN running whatever with non-routable IP addresses. I am hopeing that this stratagy will go a long way in protecting my firewall from compromise. I have no illusions about what a firewal can and cannot do, but at least this one layer will be well protected :-) The next phase would be to configure the NAT is such a way that it can be burned onto CD and the hard drive removed. Very difficult to hack a read-only system... Bob Washburne
i got a linux box i would like to turn into a firewall for home... i have it set up right now with 2 nics and just using simple maquerading. I would like to go to the next step in complexity... I was looking around sourceforge and freshmeat and saw a mind boggling number of programs.. I
am
new to firewalls, but experienced in Linux / AIX / HPUX. Any input would
be
appretiated and welcomed.. Adam Graham _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
_______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: Linux Firewall - Bob's Experiment Baxter, John (Aug 10)
- Re: Linux Firewall - Bob's Experiment Bob Washburne (Aug 11)
- <Possible follow-ups>
- RE:Linux Firewall - Bob's Experiment Baxter, John (Aug 11)
- Re: Linux Firewall - Bob's Experiment Baxter, John (Aug 11)