Security of packet filtering/port forwarding
Results 1 to 3 of 3

Thread: Security of packet filtering/port forwarding

  1. #1
    Junior Member
    Join Date
    Nov 2001
    Posts
    1

    Question Security of packet filtering/port forwarding

    Greetings.

    I've been helping someone set up a network and the security model that seems to be in place is this:

    RedHat 7.2 , 2.4, iptables

    There are multiple server machines (news, mail, web etc) sitting behind a machine with a packet filtering firewall which denies all incoming except on those ports that have been explicitly declared as okay. Legit traffic is then forwarded (based on the port number) to the appropriate server.

    that's the basic setup. (If I've left out any pertinent info lemme know)

    So then the question is this: how strong of a setup is this? This is the first time I've really had a "real" network with a "real" connection to the net (faster then 56K) to administer and so I'm fairly ignorant about some of the security and design issues of firewalls.

    Any help/comments/flames/whatever are appreciated.
    Share on Google+

  2. #2
    Senior Member
    Join Date
    Sep 2001
    Posts
    412
    If all your servers are configured correctly, and your using the latest versions of apache/qmail/whatever_news_server then it should be pretty tight, *unless* your iptables script leaves something to be desired - post it for public scrutinization and i'm sure you'll get some constructive/destructive criticism.
    Share on Google+

  3. #3
    Junior Member
    Join Date
    Nov 2001
    Posts
    10

    Protection

    you might wanna check out some tools for your setup:

    1. tripwire for your firewall
    2. inflex for sendmail ( a mail-relay is important)
    3. jdk if you've got an extra old 486 or somthing ( a little IDS)
    4. swatch (log file watcher)
    5. a good antivirus ( I prefer norton myself, but any well known will do)
    6. MRTG (a great (the best !) tool for monitoring router usage and any snmp oid for that matter).

    I'll write some more once I remember them
    Share on Google+

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides