routers as a security measure
As mentioned in my other posts, I run a stand-alone FC-5 box. It's located in the DMZ area on a spur of a large network.
I'm thinking of obtaining a small router/firewall of some kind and adding it as a security measure. I would assign it my static IP, and have it forward requests bound for ports 80, 22, and 25 to the server. (Those are the only 3 that I want open to the outside world.) Question. Do you see any advantages or disadvantages to a scheme like that? One advantage I see is that by adding a hardware firewall, it would make absolutely sure only those ports were open. Any drawbacks? |
It's kind of double insurance and does work. I have a firewall on my adsl/modem router and a separate more sophisticated one on the server. The router firewall does a very good job and I can then fine tune exclusions such a s abusive ip addresses on the server firewall.
|
re: routers as a security measure
Which model do you recommend for me and how much can I expect to pay? Remember, all I need is a basic firewall device that will prevent banned IP's from reaching the box. There will be only one machine (the server) attached.
Preferably something with an easy-to-use terminal program that will let me type in those addresses via remote access. |
Quote:
|
Following on ioerror there is a Linux based version available called coyotelinux that would do this very well on 486 + boxes.
|
All times are GMT -5. The time now is 07:22 AM. |