linuxtricks
IS-IT--Management
Hello,

I recently put together a great OpenBSD Firewall using ipf/ipnat for my 4-PC network that is online with a Cable modem. (which, btw, scored a perfect *stealth* score on firewall protects my network from the outside world... but I have a second IP from my cable provider running on a Linux box that is my web, email and DNS server: connected to the outside world (24.3.x.x) and connected internally (192.168.x.x)... not protected by the firewall... AND providing a back door to my internal network from the outside world.

Would my best bet be to get rid of the external NIC on the Linux box and redirect ports from my BSD firewall to the *internal* Linux server - providing access to my services *securely*? (if that is at all possible). This would prevent the outside world from attacking my internal network via the Linux machine (wouldn't it?).

Or

Should I get rid of the internal NIC in the Linux server, and keep it *only* connected to the outside world. Thus, preventing entry to my internal network altogether.

Thank you in advance for any light you can shed on this topic for me.

signed,
Rich

<i>try not!</i>
<i>do... or do not. there is no try!</i>