On Tue, 2005-03-22 at 18:21 +0100, Ramon Casha wrote: > iptables is secure in that it is built into the kernel and thus more > difficult to bypass. On the other hand it does not differentiate between > applications. However for a 50+ PC scenario I'd have a dedicated > firewall/gateway PC. You could then set up your computers so that all > mail is sent via a dedicated mail server, using authentication for smtp, > and the firewall would only allow that server to do outgoing smtp, > rather than allowing every PC to send mail directly. Having said that I > haven't checked out whether there are any firewalls that can > differentiate between applications, or possibly special versions of the > kernel (such as the selinux patches) that can do the trick.
Perhaps the best solution here would be to install a firewall (a real one, *anything* running on MS doesn't count) and a proxy server too. In this manner you have fine control over what is communicating into and out of your network. BTW, Linksys runs Linux. :0) Regs. Iain.

