Hi,
I am running Bering-uClibc 2.2.
I am still very new to all this so your patience is appreciated.
I have multiple static IP addresses and am using the ProxyARP feature to use two of my IP addresses for my web server (serving two domain names) and another one for my media server. I have my media server broadcasting using the http protocol on port 80 so as to not be blocked by the firewalls of the people trying to view the video.
Everything seems to work like it should, the LEAF blocks all port scans/requests from the NET to the DMZ except port 80 TCP.
I have also allowed the DMZ full access to the NET in order to install OS updates. I don't surf the internet, check email, or anything not server related from the server.
Soon, I believe I will have to open a port (443 I think) for SSL connection of my web server. I will have two SSL's, one for each of my web server IP's.
My question is, is there any more I can do to "harden" my LEAFirewall to protect my web server or my firewall for that matter?
Is there module or package I should enable or load to assist in protecting my web server? Or perhaps some shorewall settings?
Thanks,
Andrew
------------------------------------------------------- This SF.net email is sponsored by: IT Product Guide on ITManagersJournal Use IT products in your business? Tell us what you think of them. Give us Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more http://productguide.itmanagersjournal.com/guidepromo.tmpl ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
