[rescue] IPFilter
Phil Stracchino
alaric at caerllewys.net
Sat Aug 16 22:48:11 CDT 2003
On Sat, Aug 16, 2003 at 08:39:37PM -0700, ed at the7thbeer.com wrote:
> > > Howto, but it seems more concerned with running it on a *client* rather than
> > > a box that has public services.
> >
> > You're running your firewall *on* your server, not in front of it...?
>
> Sure, why not? Architecturally, from an operating system standpoint, it's
> a valid thing to do. Perhaps not wise to let a server have to handle the
> overhead of a massive attack, but otherwise a legitimate thing to do.
Oh, sure, it's valid. I'm just a little surprised to see folks on this
list without a dedicated firewall box in front of their nets, is all. I
figured most of the folks around here would rather give up their left
arm than have real services running on a firewall box. :)
('Course, I have limited room to talk, having not yet gotten my LX
running in that role. But I'm expecting an OpenBSD-3.3 CD any time
now.)
--
.********* Fight Back! It may not be just YOUR life at risk. *********.
: phil stracchino : unix ronin : renaissance man : mystic zen biker geek :
: alaric at caerllewys.net : alaric-ruthven at earthlink.net : phil at latt.net :
: 2000 CBR929RR, 1991 VFR750F3 (foully murdered), 1986 VF500F (sold) :
: Linux Now! ...Because friends don't let friends use Microsoft. :
More information about the rescue
mailing list