Hi Eric, Use the latest version of SSH and sendmail and you should be clear. Give it a private IP address (if its in the middle between the net and your LAN) and stop any data from or to it via iptables.
Thanks Mathew ----- Original Message ----- From: "Eric Low" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, March 28, 2002 7:59 AM Subject: [Bridge] IP address > I have a transparent bridge/iptables configuration, along with ebtables, and > have avoided assigning it an IP address for quite a while now, for security > reasons (making it harder for someone to directly connect or send anything > harmful directly to the bridge). I'm reconsidering that decision, for three > basic reasons - to allow SSH, SendMail (to email the logs to me), and to allow > DNAT. > > This might not be the best place to ask this question, but are there any > important security concerns that I should be aware of (besides SendMail holes)? > Perhaps I'm thinking about this wrong. Am I rightly concerned? > > Thank you, > Eric > > __________________________________________________ > Do You Yahoo!? > Yahoo! Movies - coverage of the 74th Academy Awards� > http://movies.yahoo.com/ > _______________________________________________ > Bridge mailing list > [EMAIL PROTECTED] > http://www.math.leidenuniv.nl/mailman/listinfo/bridge _______________________________________________ Bridge mailing list [EMAIL PROTECTED] http://www.math.leidenuniv.nl/mailman/listinfo/bridge
