On Sat, Jul 16, 2011 at 2:01 PM, Drew <drew.kay@xxxxxxxxx> wrote:
>>> That being said, one should *never* create firewall with only one NIC!
>>> It is highly unsafe.
>>
>> So I shouldn't run a firewall on any of my hundreds of single nic
>> instances?
>
> I think he's referring to the standard router/firewall scenario where
> the server is an internet gateway for a network. There I'd consider a
> single interface system as inherently insecure.
>
>
> --
> Drew
>
> "Nothing in life is to be feared. It is only to be understood."
> --Marie Curie
> _______________________________________________
well there's no real reason why a single NIC firewall should be
insecure. We're all referring a normal PC (or even server) with CentOS
installed on it, not a commercial firewall.
If you setup different IP subnets on the same NIC and routing between
them, the same way as between 2 NIC's then you'll still have the same
level of firewalling. And I'm sure you could setup VLAN's on the
switch for the different IP subnets to make it more secure as well.
The one place where this is commonly used is with a PPPoE ADSL switch
where the ADSL "firewall" establishes the PPPoE connection and then
shares the internet to the LAN as well using the same ADSL modem's
wifi connection.
--
Kind Regards
Rudi Ahlers
SoftDux
Website: http://www.SoftDux.com
Technical Blog: http://Blog.SoftDux.com
Office: 087 805 9573
Cell: 082 554 7532
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
