Re: Do I need a dedicated firewall?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Wed, 11 Dec 2013, Jason T. Slack-Moehrle wrote:

Hi All,

So my electricity bill is through the roof and I need to pair down some equipment.

I have a CentOS 6.5 Server (a few TB, 32gb RAM) running some simple web stuff and Zimbra. I have 5 static IP's from Comcast. I am considering giving this server a public IP and plugging it directly into my cable modem. This box can handle everything with room for me to do more.

Doing this would allow me to power down my pfSense box and additional servers by consolidating onto this single box.

I have the firewall on on the server and only allowing the few ports I need.

I dont run ssh on 22

An additional consideration on Comcast's network is IPv6. Comcast will assign your routing device a /64 netblock in many, perhaps most, markets.

If, after being connected directly to your Comcast connection and having its network service restarted, your CentOS box still has an fe80::/64 address, you have no worries (yet). If you're on a 2601::/64 (or other 2xxx::/64) network, then you're accessible via IPv6.

So make sure that in addition to iptables, you brush up on ip6tables as well.

--
Paul Heinlein
heinlein@xxxxxxxxxx
45°38' N, 122°6' W
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux