How to secure the management interface
I am interested how to secure a management interface on a forwarding firewall box. What I am trying to prevent is a hacker getting access to the system from an untrusted interface, and being able to access the management interface from inside.
I know that one good solution would be to enable ipf and kernel security levels, but is it possible to disable forwarding between some interfaces by means of sysctl, and yet allow forwarding between others?
Thanks,
-igor
|