[Gllug] Basic Firewall Policy

Wayne Clancy wclancy at irisfinancial.com
Fri Feb 13 14:44:04 UTC 2004 

"A simple 1 ip-address setup and a free USB ADSL modem is not ideal for 
this to be secure."

What's wrong with NAT and port forwarding  required service's.

You could always take a look at IPcop firewall/router/VPN 
(http://www.ipcop.com) and run a gateway on a old machine. IPcop is 
perfect with 1 IP and a free USB ADSL router 


Mark Preston wrote:

> On Thu, 12 Feb 2004, Harry Mantheakis wrote:
>
>> / I know that implementing computer security is, like home security, an
>
> />/ exercise in judging which risks are acceptable, and which are not.
> />/ />/ The problem is, I have no idea how to make that judgement with 
> computers!
> />/ />/ So my question is: what would you consider to be the *basic* 
> and *essential*
> />/ steps to take in respect of setting up a firewall?/
>
>
>
> To be secure, if you are hosting a service which is to be made 
> available outside of you small home network, such as HTTP, I believe 
> you would benefit by having static IP-addresses, with Four allocated 
> addresses (two usable). A simple 1 ip-address setup and a free USB 
> ADSL modem is not ideal for this to be secure.
> ukfsn.org offers this option , as do many other ISPs.
>
> Go to http://www.ossi.co.uk/ and click on Magazine and then Linux 
> Firewalling for a fairly detailed article which you might find useful.
> Regards,
> Mark Preston
>
>

-- 
-----------------------
Wayne Clancy
System Administrator 
Iris Financial Engineering
10 Old Jewry, London, EC2R 8DN

Phone:    +44 (0) 20 7776 6999
Direct:   +44 (0) 20 7776 6970
Mobile:   +44 (0) 7958 044196 
Fax:      +44 (0) 20 7600 5612

www.irisfinancial.com

The information in this e-mail is confidential and may be legally
privileged. It is intended solely for the addressee. If you are not the
intended recipient please delete and do not disclose to another person
or use, copy or forward all or any of it in any form. Any views
expressed in this message are those of the  individual sender, except
where the sender specifically states them to be the views of Iris
Financial Engineering.


-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug

More information about the GLLUG mailing list