Security in Depth: Use Multiple Firewalls [COLUG]
Jim
jep200404 at columbus.rr.com
Thu Jan 11 15:39:58 EST 2007
Bill Baker wrote:
> On Thu, 2007-01-11 at 13:26 -0500, Jim wrote:
> > It's prudent to [run a firewall on your Linux box
> > (in _addition_ to the dedicated firewall)].
>
> Why? I already have a separate firewall running on my network.
Security in depth.
This is even more important since you have Windows computers
on your LAN. Windows computers are easily compromised, even
behind firewalls, and are then used as a jumping board from
which to attack and compromise other computers on the LAN.
It's easier to attack compromise your Linux computer from a
Windows computer on your LAN than it is to directly attack your
Linux computer from the Internet.
> > When you do use iptables, check your Samba stuff including smb:// again.
> > I think it took seven rules to get SMB and NMB to work.
>
> Rob's solution seems to have fixed it for me.
> Are you saying I still need to do more?
Yes.
You need to get the firewall stuff running on your Linux computer.
When you do that, it'll likely break some things that used to work.
Two of the things likely to be broken are the SMB and NMB protocols.
I was giving you a head's up on that.
Jim
More information about the colug432
mailing list