Security Basics mailing list archives

Re: Security/Firewall question

From: Glenn English <ghe () slsware com>
Date: 29 Jul 2003 10:06:44 -0600

On Tue, 2003-07-29 at 02:40, Gregg wrote:

I'm not certain if- 
I want to assign that IP to the OpenBSD firewall,

Yup

and use NAT and/or RDR 
to pass on SMTP traffic on port 25 to the email server.


Yup

And put the email server on one of the private nets; set up the OpenBSD
box with no servers or users; make it a router between your public MX IP
and the private net; turn on OpenBSD's packet filter/firewall allowing
only TCP from >1023 to 25; ...

Am I a shame on my species?


... and replace the W2K software with Postfix on *nix :-) Religious
issues aside, the script kiddies are much more familiar with W2K than
with OpenBSD et al.

And for an extra ounce of prevention, set up a firewall on the email
server.

-- 
Glenn English
ghe () slsware com


---------------------------------------------------------------------------
----------------------------------------------------------------------------

Current thread:

Security/Firewall question Gregg (Jul 29)
- RE: Security/Firewall question David Gillett (Jul 29)
- Re: Security/Firewall question Glenn English (Jul 29)
- Re: Security/Firewall question Terry Soucy (Jul 29)
- Re: Security/Firewall question Morton B. Maser (Jul 31)
- <Possible follow-ups>
- RE: Security/Firewall question Michael Dunn (Jul 29)
- RE: Security/Firewall question DeGennaro, Gregory (Jul 30)
- RE: Security/Firewall question Nick Nauwelaerts (Jul 30)