Todd Walton wrote:
> On 1/30/07, Brad Campbell <[EMAIL PROTECTED]> wrote:
>> sangbsy wrote:
>>> I want to make this firewall in a stealth mode. (No Visible Ports)
>> Err.. if they are "stealth" then how will anything connect to them?
>
> Port knocking?
>

<quote> internal servers [Web Server, Mail Server, SSH and DNS server] </>

Port knocking, while perhaps adequate from a security by obscurity standpoint (questionable however), just ain't gonna fly for services like Web, Mail and DNS which are likely to be public facing services.

On that, if you had all that stuff set up and did not want public access to it, a much nicer way of publishing those services is to punch a single port 1194 hole through and use OpenVPN to get access to the box/services.

Brad
--
"Human beings, who are almost unique in having the ability to learn from the experience of others, are also remarkable for their apparent disinclination to do so." -- Douglas Adams
