On Tue, 3 Oct 2000, Gordon Messmer wrote:
> On Tue, 3 Oct 2000, Jason Costomiris wrote:
>
> > don't care about the extra i/f's. Does IPchains not like that?
>
> ipchains is fine with multiple interfaces, you can specify rules by
> interface or network address. The two firewall approach is probably over
> the top, and potentially more troublesome.
>
> MSG
I've run a two firewall setup, it was no more troublesome than a single
setup. The advantage is that an attacker would have to crack two boxes to
get to the private LAN as opposed to one. In this case it would be three!
My external webserver is less important then my entire internal network.
:)
$.02
Bill Carlson
------------
Systems Programmer [EMAIL PROTECTED] | Opinions are mine,
Virtual Hospital http://www.vh.org/ | not my employer's.
University of Iowa Hospitals and Clinics |
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
