On 15 Jan 2002, Russell Fulton wrote: |Hi, | I want to run nessusd on a linux box that has one interface outside our |firewall and another on the internal network. The idea is that the box |would accept ssh and nessus sessions on the internal interface but do |its scanning and probing from the external interface. | |Does anyone have any ideas on how to set this up? If I can't set it up |this way I will simply use one interface (on the outside) and have IP |chains/tables restrict access to addresses on our internal network. | |Cheers and thanks, Russell.
I would recommend the firewalling and elimating any dual-homing, ESPECIALLY if it's a bridge between the inside and the outside. When someone comes up with a foolproof way to enter linux boxes no matter what, this box will bite you in the backside. .nhoJ paranoid freak
