/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! /* ALSO: Don't quote this header. It makes you look lame :-) */
On Mon, Oct 20, 2003 at 12:45:16AM -0500 or so it is rumoured hereabouts, Fuzzy Fox thought: > /* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! > /* ALSO: Don't quote this header. It makes you look lame :-) */ > > Nicolas Gosselin <[EMAIL PROTECTED]> wrote: > > > > I am trying to have the server on the internal network use the > > external ip that eth1 has when it pushes traffic out, as well as when > > it receives traffic since its a server, http, etc etc) Of course, you shouldn't be exposing a server on your internal LAN to the internet. If it gets cracked, your entire internal LAN is compromised. Instead, the server should be in a "demilitarised zone" (DMZ) on a different physical interface to the rest of your internal network. Something like this: Internet---eth1---firewall---eth0---LAN | eth2 | server That way, a cracked server is just that and no more. Conor -- Conor Daly <[EMAIL PROTECTED]> Domestic Sysadmin :-) --------------------- Faenor.cod.ie 3:11pm up 14 days, 15:09, 0 users, load average: 0.00, 0.02, 0.01 Hobbiton.cod.ie 3:10pm up 14 days, 15:08, 1 user, load average: 0.36, 0.12, 0.02 _______________________________________________ Masq maillist - [EMAIL PROTECTED] Admin requests can be handled at http://www.indyramp.com/masq-list/ -- THIS INCLUDES UNSUBSCRIBING! or email to [EMAIL PROTECTED] PLEASE read the HOWTO and search the archives before posting. You can start your search at http://www.indyramp.com/masq/ Please keep general linux/unix/pc/internet questions off the list.
