[Gllug] Isolating Network Services
Mark Lowes
hamster at korenwolf.net
Thu May 30 09:15:23 UTC 2002
On Thu, 2002-05-30 at 07:41, Chris Bell wrote:
> On Wed 29 May, Dylan wrote:
> > I want to start running rlogin (or secure equivalets) and such like over the
> > GREEN network. How do I close those services on the RED side? Each host has 2
> > NIC's on separate physical nets with separate subnets (except the gateway -
> > only on RED - and a server -only on GREEN).
> Sorry, I am NOT an expert, but I would probably have started with only 1
> NIC per box, each connected to the GREEN network, with a firewall linking
> this on to the RED network. The firewall would separate the local traffic
> from everything else. It looks as if you have sufficient hubs and
> connections, so would only need to add an old 486 or similar.
If you're after a quick out of the box solution then IPCop is nice, I'm
running it here on a p90. It NATs the GREEN network and has capability
to handle a DMZ (ORANGE) as well (once I buy that extra hub). The only
problems I'd had so far I think relate to some aggressive port scans
which result in no traffic through the firewall for a short period (10s
or so). Still looking into that one.
--
The Flying Hamster <hamster at korenwolf.net>
http://www.korenwolf.net/
"If you think you know what the hell is going on, you're probably full
of shit."
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list