Dean Carpenter wrote: > > Best of all, of course, would be a Debian/Linux firewall. Any cheap old > 486 laying around with 2 nics and a floppy would do the trick. Take a > look at (sorry, don't have the URLs handy) > > Linux Router Project > Secure-the-Net > Edge
I'll admit my firewall isn't that simple, but then I'm also doing port forwarding via IPPORTFW, logging of connection requests, and a few other things. I have a 2.2 kernel with IPCHAINS masqueradinging and IPPORTFW IP port forwarding enabled in it. That, three NICs and small hard disk. This provides me with a classic DMZ network for the WWW server, and a local network that can't be directly accessed from outside in any form. The good thing about this setup is that you can easily setup the firewall machine so it has no reachable services running on it, thus allowing for greater security. -- Bryan Andersen [EMAIL PROTECTED] http://www.visi.com/~bryan/ Never ask a geek why, just nod your head and slowly back away. -Rob Malda
