Security Basics mailing list archives
Re: Security/Firewall question
From: Glenn English <ghe () slsware com>
Date: 29 Jul 2003 10:06:44 -0600
On Tue, 2003-07-29 at 02:40, Gregg wrote:
I'm not certain if- I want to assign that IP to the OpenBSD firewall,
Yup
and use NAT and/or RDR to pass on SMTP traffic on port 25 to the email server.
Yup And put the email server on one of the private nets; set up the OpenBSD box with no servers or users; make it a router between your public MX IP and the private net; turn on OpenBSD's packet filter/firewall allowing only TCP from >1023 to 25; ...
Am I a shame on my species?
... and replace the W2K software with Postfix on *nix :-) Religious issues aside, the script kiddies are much more familiar with W2K than with OpenBSD et al. And for an extra ounce of prevention, set up a firewall on the email server. -- Glenn English ghe () slsware com --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Security/Firewall question Gregg (Jul 29)
- RE: Security/Firewall question David Gillett (Jul 29)
- Re: Security/Firewall question Glenn English (Jul 29)
- Re: Security/Firewall question Terry Soucy (Jul 29)
- Re: Security/Firewall question Morton B. Maser (Jul 31)
- <Possible follow-ups>
- RE: Security/Firewall question Michael Dunn (Jul 29)
- RE: Security/Firewall question DeGennaro, Gregory (Jul 30)
- RE: Security/Firewall question Nick Nauwelaerts (Jul 30)