On Sat, Jun 07, 2008 at 02:48:21PM +0300, Benedict simon wrote: > > > > > Benedict simon wrote: > >> Dear All, > >> > >> i have recently used shorewall and have a query > >> i have my mail and dns server right now using public IP > >> > >> i want to hide these IP from the external world > >> > >> now in terms of perfomance , reliability, speed, security which one > >> would > >> be better to implement > >> > >> proxyARP or one to one NAT > >> > >> apprecite your help > > > > Is there any special reason why you want to hide your public IP? There > > are a few tricks people can use to find it out anyway, and it shouldn't > > really be that significant. > > > > My guess (without any evidence for it) would be that proxy ARP would > > perform better, and one to one NAT would offer better hiding of your IP > > address. > > > > Paul > > > > Thanks Paul for ur quick reply > actualy my main reason was jus to hide my public IP webservers n mail > servers+ dns servers from outside world > but if u do say i wont hav much significance i guess it beeter to have the > same setup as of now > As it happens, no matter what you do, mail and http requests still need to reach the server. So, if the services are not properly secured, hiding the IP addresses will gain you nothing as they must still be reached by external entities. Otherwise, you may as well just shut down the machines. You make your life lots easier if you simply have them with public IPs to begin with.
Regards, -Roberto -- Roberto C. Sánchez http://people.connexer.com/~roberto http://www.connexer.com
signature.asc
Description: Digital signature
------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://sourceforge.net/services/buy/index.php
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
