Re: About Firewall configuration

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> aragonx@xxxxxxxxxx wrote:
>
>>>My means :
>>>The Server machine is not DMZ, so can it use Private IP only ?
>>>
>>>
>>
>>Your only limitation is that a machine can NOT use an address in the
>>private IP range to communicate DIRECTLY to the Internet.
>>
>>
> Sorry, pardon me !

I did not mean to sound like I was yelling.  I simply used the capitals to
emphasize.  :)

>>If you have a router (be it hardware or software) to map your traffic to
>> a
>>public IP, you can use either.
>>
>>
> The router machine is a general router machine which provided by ISP, so
> it can't to be configed with firewall function ( only routed / routing
> function )...

Another poster suggested you go and install surewall.  I would not suggest
you do that!  Not without some thought and planning anyway.  You would
want a good understanding of what that package is and how it can help you.
 Putting another router that is totally under your control between your
network and your ISPs is a good idea though.

Give a lot of thought to your network design and what you want to do with
it.  Do some reading on DMZs and what they are intended to do.  You really
want to allow the minimum amount of incoming (and to a slightly lesser
degree outgoing) traffic while still allowing your users to perform their
functions.

Here are a few sites to get you started:

http://tldp.org/HOWTO/Security-HOWTO/index.html

http://www.netfilter.org/

http://www.linuxsecurity.com/

I hope this all makes sense without being too basic.  Security is an
important topic.



-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux