How About setting up a linux router as a firewall

Status
Not open for further replies.

LiNetTech

Technical User
Jan 19, 2003
Would be something?
I am personally interested in doing so. I have played around with it and got it to work. So if hackers are running Windows-based boxes, would the possibilities of hacking a Linux box, as well as running scripts and hacking trojan connections, be killed? Just curious!
Just looking for some input.
I might create a lab for this.
Any good suggestions would be appreciated.
Thanks Anthony Cabanas (MCSE Win 2K)
Network admin / Infrastructure designer / Security consultant
Long Island Networking Technologies Inc acabanas@linettech.com
 
Yes, this is possible. For example, older versions of the SSH daemon have a vulnerability for such actions. This is a concern when running a Layer 7 type firewall. But if you do a good job of blocking access to such ports with iptables (which I love), then this would negate any potential. Make as little as possible available to the world. This will make it less likely for a hack. Like the old saying, the best way to avoid an intrusion is to leave the box off when not in use. But this is not very realistic.

I have been a firm believer in a one-box solution, like the Cisco PIX. The PIX obviously is designed to do a basic operation, stateful inspection of packets. Plus it will do DHCP, port forwarding, etc. for your internal network.

For example, if you have a Cisco PIX set up, then you can put your Linux / Windows boxes in the DMZ. Then do port forwarding to specific tasks such as mail server, etc.

The bottom line is that firewalls that run at Layer 7 have application-based vulnerabilities. Keep it simple. The less hanging out there, the less likely for a hack.

A+ RHCE MCP
daryl_Shatto@adp.com
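
The advice in the reply above (block ports with iptables, make as little as possible available to the world) can be checked on a Linux router by auditing its ruleset. The following is an added example, not part of the original posts: a shell function that reads `iptables-save` output and lists the ports the INPUT chain accepts from any source on the WAN side, plus the chain's default policy. The function name `audit_input`, the interface names `eth0`/`eth1` and the sample ruleset are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: audit an iptables-save dump for what the router itself exposes.
# Usage: iptables-save | audit_input <wan-interface>
audit_input() {
    awk -v wan="$1" '
    /^\*/ { table = substr($1, 2); next }      # table header: *filter, *nat, ...
    table != "filter" { next }
    /^:INPUT / { policy = $2; next }           # default policy of the INPUT chain
    $1 == "-A" && $2 == "INPUT" {
        src = ""; iface = ""; proto = ""; port = ""; target = ""
        for (i = 3; i < NF; i++) {
            if ($i == "-s") src = $(i + 1)
            else if ($i == "-i") iface = $(i + 1)
            else if ($i == "-p") proto = $(i + 1)
            else if ($i == "--dport" || $i == "--dports") port = $(i + 1)
            else if ($i == "-j") target = $(i + 1)
        }
        # World-reachable: ACCEPT on a port, no source limit, WAN or any interface.
        # Negated matches ("!") are not interpreted here.
        if (target == "ACCEPT" && port != "" &&
            (src == "" || src == "0.0.0.0/0") && (iface == "" || iface == wan)) {
            printf "OPEN %s/%s\n", proto, port
            found++
        }
    }
    END {
        print "POLICY " (policy == "" ? "unknown" : policy)
        exit (policy != "DROP" || found > 0)   # non-zero when there are findings
    }'
}

# Constructed sample dump (not from the thread): default ACCEPT policy, SSH open
# to any source, HTTP limited to the LAN, DHCP only on the inside interface eth1.
sample_dump() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -i eth1 -p udp -m udp --dport 67 -j ACCEPT
COMMIT
EOF
}

sample_dump | audit_input eth0 || echo "review the findings above"
```

On the sample, the audit flags the SSH port and the permissive default policy; a ruleset with an INPUT policy of DROP and SSH limited to a trusted source produces no `OPEN` lines and exits zero.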
 
Hey guys, thanks for the input!
Take Care Anthony Cabanas
Long Island Networking Technologies Inc acabanas@linettech.com
 