Re: Do I need a dedicated firewall?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Wed, Dec 11, 2013 at 09:00:25PM -0800, Jason T. Slack-Moehrle wrote:
> Hi All,
> 
> So my electricity bill is through the roof and I need to pair down some
> equipment.
> 
> I have a CentOS 6.5 Server (a few TB, 32gb RAM) running some simple web
> stuff and Zimbra. I have 5 static IP's from Comcast. I am considering
> giving this server a public IP and plugging it directly into my cable
> modem. This box can handle everything with room for me to do more.
> 
> Doing this would allow me to power down my pfSense box and additional
> servers by consolidating onto this single box.
> 
> I have the firewall on on the server and only allowing the few ports I need.
> 
> I dont run ssh on 22
> 
> What do you guys think?

You certainly CAN do it that way.

Being paranoid, I'm in favor of having one "box" that does firewall/routing duties
without any other apps running, to reduce the exposed "attack surface".

I used to run a Smoothwall GPL box as firewall, but like you, I wanted to do
a little something about the power usage. My "solution' was a dedicated
consumer router, which used probably (not measured) a tenth of the juice
of the old PC that ran Smoothwall. I used dd-wrt on it instead of the original
firmware.

-- 
---- Fred Smith -- fredex@xxxxxxxxxxxxxxxxxxxxxx -----------------------------
                    The Lord detests the way of the wicked 
                  but he loves those who pursue righteousness.
----------------------------- Proverbs 15:9 (niv) -----------------------------
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos




[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux