ipchains setup on 3 nics (internet, dmz & trusted)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



need some comments on the security aspect if the above was implemented.

i have considered the these aspects :
1. source address verification (spoofing)
2. strict forward chains based on address
3. trusted to anywhere is MASQed, direct forwarding is allowed only between
internet and dmz
4. strict control on ports for dmz and trusted.

hope to get some good tips and comments from you guys.

------------------------------------------------------------------------
     To unsubscribe email security-discuss-request@linuxsecurity.com
         with "unsubscribe" in the subject of the message.


[Index of Archives]     [Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Bugtraq]     [USB]     [Fedora Security]

  Powered by Linux